[SECURITY-420] Add more @RequirePOST annotations

core/src/main/java/hudson/lifecycle/WindowsInstallerLink.java

@@ -46,6 +46,7 @@ import org.apache.tools.ant.taskdefs.Move;
 import org.apache.tools.ant.Project;
 import org.apache.tools.ant.DefaultLogger;
 import org.apache.tools.ant.types.FileSet;
+import org.kohsuke.stapler.interceptor.RequirePOST;
 
 import javax.servlet.ServletException;
 import java.io.File;
@@ -105,6 +106,7 @@ public class WindowsInstallerLink extends ManagementLink {
     /**
      * Performs installation.
      */
+    @RequirePOST
     public void doDoInstall(StaplerRequest req, StaplerResponse rsp, @QueryParameter("dir") String _dir) throws IOException, ServletException {
         if(installationDir!=null) {
             // installation already complete
@@ -166,6 +168,7 @@ public class WindowsInstallerLink extends ManagementLink {
         }
     }
 
+    @RequirePOST
     public void doRestart(StaplerRequest req, StaplerResponse rsp) throws IOException, ServletException {
         if(installationDir==null) {
             // if the user reloads the page after Hudson has restarted,

core/src/main/java/hudson/logging/LogRecorderManager.java

@@ -130,6 +130,7 @@ public class LogRecorderManager extends AbstractModelObject implements ModelObje
      * Configure the logging level.
      */
     @edu.umd.cs.findbugs.annotations.SuppressWarnings("LG_LOST_LOGGER_DUE_TO_WEAK_REFERENCE")
+    @RequirePOST
     public HttpResponse doConfigLogger(@QueryParameter String name, @QueryParameter String level) {
         Jenkins.getInstance().checkPermission(Jenkins.ADMINISTER);
         Level lv;

core/src/main/java/hudson/model/MyViewsProperty.java

@@ -52,6 +52,7 @@ import org.kohsuke.stapler.QueryParameter;
 import org.kohsuke.stapler.StaplerFallback;
 import org.kohsuke.stapler.StaplerRequest;
 import org.kohsuke.stapler.StaplerResponse;
+import org.kohsuke.stapler.interceptor.RequirePOST;
 
 /**
  * A UserProperty that remembers user-private views.
@@ -149,6 +150,7 @@ public class MyViewsProperty extends UserProperty implements ModifiableViewGroup
         return new HttpRedirect("view/" + Util.rawEncode(getPrimaryView().getViewName()) + "/");
     }
 
+    @RequirePOST
     public synchronized void doCreateView(StaplerRequest req, StaplerResponse rsp)
             throws IOException, ServletException, ParseException, FormException {
         checkPermission(View.CREATE);

core/src/main/java/hudson/model/TaskAction.java

@@ -35,6 +35,7 @@ import java.io.IOException;
 
 import hudson.security.Permission;
 import hudson.security.ACL;
+import org.kohsuke.stapler.interceptor.RequirePOST;
 
 /**
  * Partial {@link Action} implementation for those who kick some
@@ -137,6 +138,7 @@ public abstract class TaskAction extends AbstractModelObject implements Action {
     /**
      * Clears the error status.
      */
+    @RequirePOST
     public synchronized void doClearError(StaplerRequest req, StaplerResponse rsp) throws IOException, ServletException {
         getACL().checkPermission(getPermission());
 

core/src/main/java/hudson/model/UpdateSite.java

@@ -176,6 +176,7 @@ public class UpdateSite {
     /**
      * This is the endpoint that receives the update center data file from the browser.
      */
+    @RequirePOST
     public FormValidation doPostBack(StaplerRequest req) throws IOException, GeneralSecurityException {
         DownloadSettings.checkPostBackAccess();
         return updateData(IOUtils.toString(req.getInputStream(),"UTF-8"), true);

core/src/main/java/hudson/slaves/AbstractCloudComputer.java

@@ -27,6 +27,7 @@ import hudson.model.Computer;
 import org.kohsuke.stapler.HttpRedirect;
 import org.kohsuke.stapler.HttpResponse;
 import org.kohsuke.stapler.HttpResponses;
+import org.kohsuke.stapler.interceptor.RequirePOST;
 
 import java.io.IOException;
 import javax.annotation.CheckForNull;
@@ -53,6 +54,7 @@ public class AbstractCloudComputer<T extends AbstractCloudSlave> extends SlaveCo
      * When the slave is deleted, free the node right away.
      */
     @Override
+    @RequirePOST
     public HttpResponse doDoDelete() throws IOException {
         checkPermission(DELETE);
         try {

core/src/main/java/hudson/util/DoubleLaunchChecker.java

@@ -31,6 +31,7 @@ import org.apache.commons.io.FileUtils;
 import org.codehaus.mojo.animal_sniffer.IgnoreJRERequirement;
 import org.kohsuke.stapler.StaplerRequest;
 import org.kohsuke.stapler.StaplerResponse;
+import org.kohsuke.stapler.interceptor.RequirePOST;
 
 import javax.servlet.ServletException;
 import javax.servlet.ServletContext;
@@ -175,6 +176,7 @@ public class DoubleLaunchChecker {
     /**
      * Ignore the problem and go back to using Hudson.
      */
+    @RequirePOST
     public void doIgnore(StaplerRequest req, StaplerResponse rsp) throws IOException {
         ignore = true;
         Jenkins.getInstance().servletContext.setAttribute("app", Jenkins.getInstance());

core/src/main/java/jenkins/diagnosis/HsErrPidFile.java

@@ -4,6 +4,7 @@ import hudson.Util;
 import hudson.util.HttpResponses;
 import jenkins.model.Jenkins;
 import org.kohsuke.stapler.HttpResponse;
+import org.kohsuke.stapler.interceptor.RequirePOST;
 
 import java.io.File;
 import java.io.IOException;
@@ -48,6 +49,7 @@ public class HsErrPidFile {
         return HttpResponses.staticResource(file);
     }
 
+    @RequirePOST
     public HttpResponse doDelete() throws IOException {
         Jenkins.getInstance().checkPermission(Jenkins.ADMINISTER);
         file.delete();

core/src/main/resources/hudson/util/DoubleLaunchChecker/index.jelly

@@ -45,7 +45,7 @@ THE SOFTWARE.
         </tr>
       </table>
       <div>
-        <form action="${rootURL}/ignore">
+        <form method="post" action="${rootURL}/ignore">
           <f:submit value="${%label}" />
         </form>
       </div>