Class CrumbExclusion

  • All Implemented Interfaces:
    ExtensionPoint
    Direct Known Subclasses:
    ApiCrumbExclusion, CliCrumbExclusion

    public abstract class CrumbExclusion
    extends Object
    implements ExtensionPoint
    Allows plugins to define exceptions to the CSRF protection filter. Please note that Jenkins 2.96 and newer accepts HTTP POST requests without CSRF crumb, if HTTP Basic authentication uses an API token instead of a password, so many use cases (simple API clients that support authentication but not obtaining a crumb) should be obsolete.
    Since:
    1.446
    Author:
    Kohsuke Kawaguchi
    • Constructor Detail

      • CrumbExclusion

        public CrumbExclusion()
    • Method Detail

      • process

        public abstract boolean process​(javax.servlet.http.HttpServletRequest request,
                                        javax.servlet.http.HttpServletResponse response,
                                        javax.servlet.FilterChain chain)
                                 throws IOException,
                                        javax.servlet.ServletException
        This method is called for every incoming POST request.
        Returns:
        true to indicate that the callee had processed this request (for example by reporting an error, or by executing the rest of the chain.)
        Throws:
        IOException
        javax.servlet.ServletException