Cross-Site Request Forgery (CSRF or XSRF) is a type of security vulnerability in web applications. Without protection from CSRF, a Jenkins user or ...
Managing Security. Table of Contents. Enabling Security. TCP Port; Access Control; Markup Formatter. CSRF Protection; Agent/Master Access ...
default-src 'none' prohibits loading scripts, URLs for AJAX/XHR/WebSockets/EventSources, fonts, plugin objects, media, and frames from anywhere (images and ...
This chapter will introduce the various security options available to Jenkins administrators and users, explaining the protections offered, and trade-offs to ...
Missing: /url | Show results with:/url
Securing Jenkins has two aspects to it. Access control, which ensures users are authenticated when accessing Jenkins and their activities are authorized.
Missing: /url | Show results with:/url
Administrators may accidentally set up a security realm or authorization strategy in such a way that they are no longer able to administer or even access ...
Remote API and security. When your Jenkins is secured, you can use HTTP BASIC authentication to authenticate remote API requests. See Authenticating scripted ...
Document Jenkins on Kubernetes. Security. Overview ... Access Control · Securing Jenkins · Managing Security · Controller Isolation · Securing Builds · CSRF ...
Missing: /url | Show results with:/url
The permission Agent/Build requires access control for builds to be set up, as the build's authentication is checked, and not the user starting the build. In a ...
Missing: /url | Show results with:/url
Scripts that obtain a crumb using the /crumbIssuer/api URL will now fail to perform actions protected from CSRF unless the scripts retain the web session ID in ...
Missing: book/ | Show results with:book/