Jenkins页面操作提示 "No valid crumb was included in the request"
一、问题描述(Problem Description):
在jenkins中创建新任务时候选择“拷贝已存在任务”,点击OK,跳转到下一步时候弹出如下错误信息:"No valid crumb was included in the request"
jenkins new job -> copy existing job -> click OK -> "No valid crumb was included in the request"
jenkins 填写构建参数,点击“BUILD”,提示: "No valid crumb was included in the request"
二、运行环境(Environment):
apache + jboss-as-7.1.1.Final,Windows XP SP3,jdk 1.6.0_33
三、错误原因(Reason):
jenkins在http请求头部中放置了一个名为.crumb的token。在使用了反向代理,并且在jenkins设置中勾选了“防止跨站点请求伪造(Prevent Cross Site Request Forgery exploits)”之后此token会被转发服务器apache/nginx认为是不合法头部而去掉。导致跳转失败。
The problem is that jenkins stores its' csrf token in a http header called '.crumb', AFAIK headers must only contain alphanumerics and dashes, and apache/nginx will remove invalid headers from the request (unless configured not to).
四、解决方案(Solution):
1.在apache/nginx中设置ignore_invalid_headers,或者:
2.在jenkins全局安全设置中取消勾选“防止跨站点请求伪造(Prevent Cross Site Request Forgery exploits)”。
1.Set ignore_invalid_headers in your apache/nginx server, or:
2.Uncheck "Prevent Cross Site Request Forgery exploits" in jenkins global security settings.
参考资料(References)
