【问题标题】:Jenkins API Response is not taking CrumbJenkins API Response 没有使用 Crumb
【发布时间】:2019-09-02 09:35:57
【问题描述】:

我想删除一个作业,为此我的 Jenkins 服务器需要 crumb。我正在发送面包屑,但它仍然将我发回,标题和/或正文中没有面包屑。

尝试了所有标题和正文的组合,但都没有奏效。

import requests
import json
from urllib.request import urljoin

def delete_jenkins_job(delete_url):
    """
    Function to delete Jenkins Job
    :param delete_url:
    :return:
    """
    base_url = 'http://<jenkins-server>:8080'
    _user = '<my-user>'
    _pass = '<my-pass>'
    crumb_url = urljoin(base_url, '/crumbIssuer/api/json')
    delete_url = urljoin(base_url, delete_url)
    response = json.loads(requests.request("GET", crumb_url, auth=(_user, _pass)).content)
    header = {
        'Connection': 'keep-alive',
        'Cache-Control': 'max-age=0',
        'Upgrade-Insecure-Requests': '1',
        'Content-Type': 'application/x-www-form-urlencoded',
        'Accept-Encoding': 'gzip, deflate',
    }
    data = {
        response['crumbRequestField']: response['crumb']
    }
    response = requests.request("POST", url=delete_url, headers=header, data=json.dumps(data), auth=(_user, _pass))
b'<html>\n<head>\n<meta http-equiv="Content-Type" content="text/html;charset=utf-8"/>\n<title>Error 403 No valid crumb was included in the request</title>\n</head>\n<body><h2>HTTP ERROR 403</h2>\n<p>Problem accessing /job/PyTest-Docker-Based/567/doDelete. Reason:\n<pre>    No valid crumb was included in the request</pre></p><hr><a href="http://eclipse.org/jetty">Powered by Jetty:// 9.4.z-SNAPSHOT</a><hr/>\n\n</body>\n</html>\n'

【问题讨论】:

    标签: python api jenkins


    【解决方案1】:

    Jenkins 从 2.176.x 版本更新了安全性,https://jenkins.io/doc/upgrade-guide/2.176/

    为避免这种情况,您可以采用以下三种方法之一:

    1. 安装 Strict Crumb Issuer jenkins 插件 (https://wiki.jenkins.io/display/JENKINS/Strict+Crumb+Issuer+Plugin) 以解决问题。
    2. 更新 set-cookie 键的标题以及 jenkins-crumb

      def cookieContent = response.headers.get("Set-Cookie")
      httpRequest(
          url: "https://the-url.com/the-thing.php",
          customHeaders: [[name:"Cookie", value:cookieContent]])
      
      
    3. 禁用此改进,您可以将系统属性 hudson.security.csrf.DefaultCrumbIssuer.EXCLUDE_SESSION_ID 设置为 true。

    【讨论】:

      猜你喜欢
      • 1970-01-01
      • 1970-01-01
      • 2020-02-02
      • 1970-01-01
      • 1970-01-01
      • 1970-01-01
      • 2017-09-05
      • 2021-03-07
      • 1970-01-01
      相关资源
      最近更新 更多