Cross-Site Request Forgery (CSRF or XSRF) is a type of security vulnerability in web applications. Without protection from CSRF, a Jenkins user or ...
Managing Security. Table of Contents. Enabling Security. TCP Port; Access Control; Markup Formatter. CSRF Protection; Agent/Master Access ...
Document Jenkins on Kubernetes ... CSRF Protection · Rendering User Content · Access ... Authenticating scripted clients --- if you need to programmatically access ...
Missing: /url | Show results with:/url
default-src 'none' prohibits loading scripts, URLs for AJAX/XHR/WebSockets/EventSources, fonts, plugin objects, media, and frames from anywhere (images and ...
Document Jenkins on Kubernetes. Security. Overview ... Access Control · Securing Jenkins · Managing Security · Controller Isolation · Securing Builds · CSRF ...
Missing: /url | Show results with:/url
As an alternative to relaxing Content-Security-Policy , administrators can configure Jenkins to serve files from potentially less trusted sources from a ...
Administrators may accidentally set up a security realm or authorization strategy in such a way that they are no longer able to administer or even access ...
Remote API and security. When your Jenkins is secured, you can use HTTP BASIC authentication to authenticate remote API requests. See Authenticating scripted ...
Jenkins access control is split into two parts: Authentication (users prove who they are) is done using a security realm. The security realm determines user ...
Responses to POST requests that do not set a CSRF crumb/token may in very rare cases change in unexpected ways due to the fix for SECURITY-1774.
Missing: book/ | Show results with:book/