import hudson.security.csrf.DefaultCrumbIssuer import jenkins.model.Jenkins def instance = Jenkins.instance instance.setCrumbIssuer(new DefaultCrumbIssuer(true)) instance.save()
- If you are using nginx as a reverse proxy in front of Jenkins, you need an extra system property on Jenkins "
-Dhudson.security.csrf.requestfield=Jenkins-Crumb". See JENKINS-23793 for more detailsIf you have scripts and other programs that access Jenkins via REST API, they can be impacted. See its CSRF section for more information about how to update those scripts.