You're on your way to the next level! Join the Kudos program to earn points and save your progress.
Level 1: Seed
25 / 150 points
1 badge earned
Challenges come and go, but your rewards stay with you. Do more to earn more!
What goes around comes around! Share the love by gifting kudos to your peers.
Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!
Join now to unlock these features and more
While creating a webhook for connecting to Jenkins I am getting the following issues:
403 View details
Cache-Control: must-revalidate,no-cache,no-store Server: Jetty(10.0.11) X-Content-Type-Options: nosniff Content-Length: 575 Date: Wed, 11 Jan 2023 09:08:26 GMT Via: 1.1 localhost (Apache-HttpClient/4.5.13 (cache)) Content-Type: text/html; charset=ISO-8859-1
<html> <head> <meta http-equiv="Content-Type" content="text/html;charset=ISO-8859-1"/> <title>Error 403 No valid crumb was included in the request</title> </head> <body><h2>HTTP ERROR 403 No valid crumb was included in the request</h2> <table> <tr><th>URI:</th><td>//bitbucket-scmsource-hook//notify//</td></tr> <tr><th>STATUS:</th><td>403</td></tr> <tr><th>MESSAGE:</th><td>No valid crumb was included in the request</td></tr> <tr><th>SERVLET:</th><td>Stapler</td></tr> </table> <hr/><a href="https://eclipse.org/jetty">Powered by Jetty:// 10.0.11</a><hr/> </body> </html>
Hey @Ravi_Ramachandra ,
Welcome to Atlassian Community!
Based on the error
No valid crumb was included in the request
I think the issue might be caused by a configuration on your Jenkins Instance. I believe you should have the flag Prevent Cross-Site Request Forgery exploits marked on your Jenkins configurations.
This particular setting will make Jenkins expect any webhook request to include a crumb header, like the below example :
--header "Jenkins-Crumb: <crumb>"
However, Bitbucket Cloud does not include that crumb header and we are not able to add these with our webhooks payloads, which makes the request fails with a 403.
In this case, if you are able to disable this setting on your Jenkins configuration, the webhooks should be delivered successfully. I would suggest taking a look at this thread with instructions on how to disable this setting in Jenkins :
Hope that helps! Let me know if you have any questions.