Cross-Site Request Forgery (CSRF or XSRF) is a type of security vulnerability in web applications. Without protection from CSRF, a Jenkins user or ...
default-src 'none' prohibits loading scripts, URLs for AJAX/XHR/WebSockets/EventSources, fonts, plugin objects, media, and frames from anywhere (images and ...
Managing Security. Table of Contents. Enabling Security. TCP Port; Access Control; Markup Formatter. CSRF Protection; Agent/Master Access ...
Document Jenkins on Kubernetes ... CSRF Protection · Rendering User Content · Access ... Authenticating scripted clients --- if you need to programmatically access ...
Missing: /url | Show results with:/url
Administrators may accidentally set up a security realm or authorization strategy in such a way that they are no longer able to administer or even access ...
As an alternative to relaxing Content-Security-Policy , administrators can configure Jenkins to serve files from potentially less trusted sources from a ...
Jenkins access control is split into two parts: Authentication (users prove who they are) is done using a security realm. The security realm determines user ...
The permission Agent/Build requires access control for builds to be set up, as the build's authentication is checked, and not the user starting the build. In a ...
Missing: /url | Show results with:/url
Document Jenkins on Kubernetes. Security. Overview ... Access Control · Securing Jenkins · Managing Security · Controller Isolation · Securing Builds · CSRF ...
Missing: /url | Show results with:/url
Remote API and security. When your Jenkins is secured, you can use HTTP BASIC authentication to authenticate remote API requests. See Authenticating scripted ...