Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Webhook issues

Ravi_Ramachandra
Ravi_Ramachandra January 11, 2023

While creating a webhook for connecting to Jenkins I am getting the following issues:

403 View details

Response details

HTTP status:
403

Headers

Cache-Control: must-revalidate,no-cache,no-store
Server: Jetty(10.0.11)
X-Content-Type-Options: nosniff
Content-Length: 575
Date: Wed, 11 Jan 2023 09:08:26 GMT
Via: 1.1 localhost (Apache-HttpClient/4.5.13 (cache))
Content-Type: text/html; charset=ISO-8859-1

Body

<html>
<head>
<meta http-equiv="Content-Type" content="text/html;charset=ISO-8859-1"/>
<title>Error 403 No valid crumb was included in the request</title>
</head>
<body><h2>HTTP ERROR 403 No valid crumb was included in the request</h2>
<table>
<tr><th>URI:</th><td>//bitbucket-scmsource-hook//notify//</td></tr>
<tr><th>STATUS:</th><td>403</td></tr>
<tr><th>MESSAGE:</th><td>No valid crumb was included in the request</td></tr>
<tr><th>SERVLET:</th><td>Stapler</td></tr>
</table>
<hr/><a href="https://eclipse.org/jetty">Powered by Jetty:// 10.0.11</a><hr/>

</body>
</html>
Answer
Watch
Like Anees Muhammed likes this
1035 views

2 answers

0 votes
Anees Muhammed
Anees Muhammed May 22, 2023

Hey Ravi_Ramachandra,

 

Good day!

Could you please install the plugin  Build Authorization Token Root and rewrite the Webhook URL? It should work with the new URL.

https://plugins.jenkins.io/build-token-root/

Reply
0 votes
Patrik S
Patrik S
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
January 12, 2023

Hey @Ravi_Ramachandra ,

Welcome to Atlassian Community!

Based on the error

No valid crumb was included in the request

I think the issue might be caused by a configuration on your  Jenkins Instance. I believe you should have the flag Prevent Cross-Site Request Forgery exploits marked on your Jenkins configurations.

This particular setting will make Jenkins expect any webhook request to include a crumb header, like the below example :

--header "Jenkins-Crumb: <crumb>"

However, Bitbucket Cloud does not include that crumb header and we are not able to add these with our webhooks payloads, which makes the request fails with a 403.

In this case, if you are able to disable this setting on your Jenkins configuration, the webhooks should be delivered successfully. I would suggest taking a look at this thread with instructions on how to disable this setting in Jenkins : 

Hope that helps! Let me know if you have any questions.

Patrik S

Reply

Suggest an answer

Log in or Sign up to answer
Bitbucket
Bitbucket
DEPLOYMENT TYPE
CLOUD
PERMISSIONS LEVEL
Site Admin
TAGS
AUG Leaders

Atlassian Community Events

    See all events