Jenkins API响应没有使用Crumb
Jenkins API响应没有使用Crumb
提问于 2019-09-02 17:35:57
我想删除一个作业,为此我的Jenkins服务器需要crumb。我正在发送crumb,但它仍然会发送回报头和/或正文中没有crumb。
尝试了header和body的所有组合,但都不起作用。
import requests
import json
from urllib.request import urljoin
def delete_jenkins_job(delete_url):
"""
Function to delete Jenkins Job
:param delete_url:
:return:
"""
base_url = 'http://<jenkins-server>:8080'
_user = '<my-user>'
_pass = '<my-pass>'
crumb_url = urljoin(base_url, '/crumbIssuer/api/json')
delete_url = urljoin(base_url, delete_url)
response = json.loads(requests.request("GET", crumb_url, auth=(_user, _pass)).content)
header = {
'Connection': 'keep-alive',
'Cache-Control': 'max-age=0',
'Upgrade-Insecure-Requests': '1',
'Content-Type': 'application/x-www-form-urlencoded',
'Accept-Encoding': 'gzip, deflate',
}
data = {
response['crumbRequestField']: response['crumb']
}
response = requests.request("POST", url=delete_url, headers=header, data=json.dumps(data), auth=(_user, _pass))b'<html>\n<head>\n<meta http-equiv="Content-Type" content="text/html;charset=utf-8"/>\n<title>Error 403 No valid crumb was included in the request</title>\n</head>\n<body><h2>HTTP ERROR 403</h2>\n<p>Problem accessing /job/PyTest-Docker-Based/567/doDelete. Reason:\n<pre> No valid crumb was included in the request</pre></p><hr><a href="http://eclipse.org/jetty">Powered by Jetty:// 9.4.z-SNAPSHOT</a><hr/>\n\n</body>\n</html>\n'回答 1
Stack Overflow用户
发布于 2019-12-10 14:04:04
Jenkins已经从2.176.x版本,https://jenkins.io/doc/upgrade-guide/2.176/更新了安全性
要避免这种情况,您可以遵循以下三种方法中的任何一种:
- 安装严格的Crumb Issuer jenkins插件(https://wiki.jenkins.io/display/JENKINS/Strict+Crumb+Issuer+Plugin)以解决此问题。
- 更新您的标头以获取set-cookie密钥和jenkins-crumb
value:cookieContent])
- Disable cookieContent = response.headers.get(" set -Cookie") httpRequest( url:"https://the-url.com/the-thing.php",customHeaders:[name:"Cookie",def此改进您可以将系统属性hudson.security.csrf.DefaultCrumbIssuer.EXCLUDE_SESSION_ID设置为true。customHeaders
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/57754602
复制相关文章
相似问题
腾讯云开发者
