[JENKINS-34350] Fix POST to /git/notifyCommit with CSRF protection on

Inspired by jenkinsci/github-plugin@5c2a041
jenkinsci · Apr 27, 2017 · 8ac8cc9 · 8ac8cc9
1 parent bc51d27
commit 8ac8cc9
Showing 1 changed file with 32 additions and 0 deletions.
diff --git a/src/main/java/hudson/plugins/git/GitStatusCrumbExclusion.java b/src/main/java/hudson/plugins/git/GitStatusCrumbExclusion.java
@@ -0,0 +1,32 @@
+package hudson.plugins.git;
+
+import hudson.Extension;
+import hudson.security.csrf.CrumbExclusion;
+
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+/**
+ * Make POST to /git/notifyCommit work with CSRF protection on.
+ */
+@Extension
+public class GitStatusCrumbExclusion extends CrumbExclusion {
+
+    @Override
+    public boolean process(HttpServletRequest req, HttpServletResponse resp, FilterChain chain)
+            throws IOException, ServletException {
+        String pathInfo = req.getPathInfo();
+        if (pathInfo != null && pathInfo.equals(getExclusionPath())) {
+            chain.doFilter(req, resp);
+            return true;
+        }
+        return false;
+    }
+
+    public String getExclusionPath() {
+        return "/git/notifyCommit";
+    }
+}