Issue Type: Bug
Assignee: Jesse Glick
Components: core
Created: 05/Mar/13 8:20 PM
Description:

Create an admin user with full perms, deny all perms to anonymous, and enable CSRF protection. Now go to the Jenkins root page, click add description, type anything, and click Preview. You are greeted with:

<div class="textarea-preview" style="">403 No_valid_crumb_was_included_in_the_request<hr>

<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>Error 403 </title>

<h2>HTTP ERROR: 403</h2><pre>No valid crumb was included in the request</pre>
<p>RequestURI=/markupFormatter/previewDescription</p><p><i><small><a href="http://jetty.mortbay.org/">Powered by Jetty://</a></small></i></p><br>
...
</div>
Environment: 1.446.2 or 1.506-SNAPSHOT
Project: Jenkins
Labels: csrf security
Priority: Major
Reporter: Jesse Glick