Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
LinuxSuRen
jenkins
提交
eaafedd2
J
jenkins
项目概览
LinuxSuRen
/
jenkins
与 Fork 源项目一致
从无法访问的项目Fork
通知
2
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
J
jenkins
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
eaafedd2
编写于
4月 14, 2017
作者:
D
Daniel Beck
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
[SECURITY-420] Add more @RequirePOST annotations
上级
23f4809e
变更
9
隐藏空白更改
内联
并排
Showing
9 changed file
with
16 addition
and
1 deletion
+16
-1
core/src/main/java/hudson/lifecycle/WindowsInstallerLink.java
.../src/main/java/hudson/lifecycle/WindowsInstallerLink.java
+3
-0
core/src/main/java/hudson/logging/LogRecorderManager.java
core/src/main/java/hudson/logging/LogRecorderManager.java
+1
-0
core/src/main/java/hudson/model/MyViewsProperty.java
core/src/main/java/hudson/model/MyViewsProperty.java
+2
-0
core/src/main/java/hudson/model/TaskAction.java
core/src/main/java/hudson/model/TaskAction.java
+2
-0
core/src/main/java/hudson/model/UpdateSite.java
core/src/main/java/hudson/model/UpdateSite.java
+1
-0
core/src/main/java/hudson/slaves/AbstractCloudComputer.java
core/src/main/java/hudson/slaves/AbstractCloudComputer.java
+2
-0
core/src/main/java/hudson/util/DoubleLaunchChecker.java
core/src/main/java/hudson/util/DoubleLaunchChecker.java
+2
-0
core/src/main/java/jenkins/diagnosis/HsErrPidFile.java
core/src/main/java/jenkins/diagnosis/HsErrPidFile.java
+2
-0
core/src/main/resources/hudson/util/DoubleLaunchChecker/index.jelly
...ain/resources/hudson/util/DoubleLaunchChecker/index.jelly
+1
-1
未找到文件。
core/src/main/java/hudson/lifecycle/WindowsInstallerLink.java
浏览文件 @
eaafedd2
...
...
@@ -46,6 +46,7 @@ import org.apache.tools.ant.taskdefs.Move;
import
org.apache.tools.ant.Project
;
import
org.apache.tools.ant.DefaultLogger
;
import
org.apache.tools.ant.types.FileSet
;
import
org.kohsuke.stapler.interceptor.RequirePOST
;
import
javax.servlet.ServletException
;
import
java.io.File
;
...
...
@@ -105,6 +106,7 @@ public class WindowsInstallerLink extends ManagementLink {
/**
* Performs installation.
*/
@RequirePOST
public
void
doDoInstall
(
StaplerRequest
req
,
StaplerResponse
rsp
,
@QueryParameter
(
"dir"
)
String
_dir
)
throws
IOException
,
ServletException
{
if
(
installationDir
!=
null
)
{
// installation already complete
...
...
@@ -166,6 +168,7 @@ public class WindowsInstallerLink extends ManagementLink {
}
}
@RequirePOST
public
void
doRestart
(
StaplerRequest
req
,
StaplerResponse
rsp
)
throws
IOException
,
ServletException
{
if
(
installationDir
==
null
)
{
// if the user reloads the page after Hudson has restarted,
...
...
core/src/main/java/hudson/logging/LogRecorderManager.java
浏览文件 @
eaafedd2
...
...
@@ -130,6 +130,7 @@ public class LogRecorderManager extends AbstractModelObject implements ModelObje
* Configure the logging level.
*/
@edu
.
umd
.
cs
.
findbugs
.
annotations
.
SuppressWarnings
(
"LG_LOST_LOGGER_DUE_TO_WEAK_REFERENCE"
)
@RequirePOST
public
HttpResponse
doConfigLogger
(
@QueryParameter
String
name
,
@QueryParameter
String
level
)
{
Jenkins
.
getInstance
().
checkPermission
(
Jenkins
.
ADMINISTER
);
Level
lv
;
...
...
core/src/main/java/hudson/model/MyViewsProperty.java
浏览文件 @
eaafedd2
...
...
@@ -52,6 +52,7 @@ import org.kohsuke.stapler.QueryParameter;
import
org.kohsuke.stapler.StaplerFallback
;
import
org.kohsuke.stapler.StaplerRequest
;
import
org.kohsuke.stapler.StaplerResponse
;
import
org.kohsuke.stapler.interceptor.RequirePOST
;
/**
* A UserProperty that remembers user-private views.
...
...
@@ -149,6 +150,7 @@ public class MyViewsProperty extends UserProperty implements ModifiableViewGroup
return
new
HttpRedirect
(
"view/"
+
Util
.
rawEncode
(
getPrimaryView
().
getViewName
())
+
"/"
);
}
@RequirePOST
public
synchronized
void
doCreateView
(
StaplerRequest
req
,
StaplerResponse
rsp
)
throws
IOException
,
ServletException
,
ParseException
,
FormException
{
checkPermission
(
View
.
CREATE
);
...
...
core/src/main/java/hudson/model/TaskAction.java
浏览文件 @
eaafedd2
...
...
@@ -35,6 +35,7 @@ import java.io.IOException;
import
hudson.security.Permission
;
import
hudson.security.ACL
;
import
org.kohsuke.stapler.interceptor.RequirePOST
;
/**
* Partial {@link Action} implementation for those who kick some
...
...
@@ -137,6 +138,7 @@ public abstract class TaskAction extends AbstractModelObject implements Action {
/**
* Clears the error status.
*/
@RequirePOST
public
synchronized
void
doClearError
(
StaplerRequest
req
,
StaplerResponse
rsp
)
throws
IOException
,
ServletException
{
getACL
().
checkPermission
(
getPermission
());
...
...
core/src/main/java/hudson/model/UpdateSite.java
浏览文件 @
eaafedd2
...
...
@@ -176,6 +176,7 @@ public class UpdateSite {
/**
* This is the endpoint that receives the update center data file from the browser.
*/
@RequirePOST
public
FormValidation
doPostBack
(
StaplerRequest
req
)
throws
IOException
,
GeneralSecurityException
{
DownloadSettings
.
checkPostBackAccess
();
return
updateData
(
IOUtils
.
toString
(
req
.
getInputStream
(),
"UTF-8"
),
true
);
...
...
core/src/main/java/hudson/slaves/AbstractCloudComputer.java
浏览文件 @
eaafedd2
...
...
@@ -27,6 +27,7 @@ import hudson.model.Computer;
import
org.kohsuke.stapler.HttpRedirect
;
import
org.kohsuke.stapler.HttpResponse
;
import
org.kohsuke.stapler.HttpResponses
;
import
org.kohsuke.stapler.interceptor.RequirePOST
;
import
java.io.IOException
;
import
javax.annotation.CheckForNull
;
...
...
@@ -53,6 +54,7 @@ public class AbstractCloudComputer<T extends AbstractCloudSlave> extends SlaveCo
* When the slave is deleted, free the node right away.
*/
@Override
@RequirePOST
public
HttpResponse
doDoDelete
()
throws
IOException
{
checkPermission
(
DELETE
);
try
{
...
...
core/src/main/java/hudson/util/DoubleLaunchChecker.java
浏览文件 @
eaafedd2
...
...
@@ -31,6 +31,7 @@ import org.apache.commons.io.FileUtils;
import
org.codehaus.mojo.animal_sniffer.IgnoreJRERequirement
;
import
org.kohsuke.stapler.StaplerRequest
;
import
org.kohsuke.stapler.StaplerResponse
;
import
org.kohsuke.stapler.interceptor.RequirePOST
;
import
javax.servlet.ServletException
;
import
javax.servlet.ServletContext
;
...
...
@@ -175,6 +176,7 @@ public class DoubleLaunchChecker {
/**
* Ignore the problem and go back to using Hudson.
*/
@RequirePOST
public
void
doIgnore
(
StaplerRequest
req
,
StaplerResponse
rsp
)
throws
IOException
{
ignore
=
true
;
Jenkins
.
getInstance
().
servletContext
.
setAttribute
(
"app"
,
Jenkins
.
getInstance
());
...
...
core/src/main/java/jenkins/diagnosis/HsErrPidFile.java
浏览文件 @
eaafedd2
...
...
@@ -4,6 +4,7 @@ import hudson.Util;
import
hudson.util.HttpResponses
;
import
jenkins.model.Jenkins
;
import
org.kohsuke.stapler.HttpResponse
;
import
org.kohsuke.stapler.interceptor.RequirePOST
;
import
java.io.File
;
import
java.io.IOException
;
...
...
@@ -48,6 +49,7 @@ public class HsErrPidFile {
return
HttpResponses
.
staticResource
(
file
);
}
@RequirePOST
public
HttpResponse
doDelete
()
throws
IOException
{
Jenkins
.
getInstance
().
checkPermission
(
Jenkins
.
ADMINISTER
);
file
.
delete
();
...
...
core/src/main/resources/hudson/util/DoubleLaunchChecker/index.jelly
浏览文件 @
eaafedd2
...
...
@@ -45,7 +45,7 @@ THE SOFTWARE.
</tr>
</table>
<div>
<form action="${rootURL}/ignore">
<form
method="post"
action="${rootURL}/ignore">
<f:submit value="${%label}" />
</form>
</div>
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录