
Jenkins plugin stapler invalid header


I'm currently writing a Java jenkins plugin and I'm facing a problem with stapler and Java-Javascript method bind.

My Java file contains a method that I want to use in my Jelly file when a button is clicked:

// Java side: the method is exposed to the page's JavaScript through Stapler
@JavaScriptMethod
public void method() {
  ...
}

<!-- Jelly side: bind the Java object to a JS proxy and call it on click -->
var it = <st:bind value="${it}"/>

$('#Btn').click(function() {
    it.method();
});

This is simple and is supposed to work, but the request made by Stapler uses "Crumb" as the CSRF token header while Jenkins expects "Jenkins-Crumb", so I get a 403.

This Stack Overflow post described the same problem as mine but is quite old; I tried renaming the header by editing the request and then got a 500 with "Crumb didn't match" (/crumbIssuer/api/json gives the same token as the one provided, so there is no reason for that).

I'm using Jenkins v2.452.1.


Solution

  • I've just found the reason for this problem. The "crumb" js variable injected by Jenkins contained neither the crumb cookie nor the header name.

    I then searched the js code of jenkins and found that these values were retrieved from the HTML head tag. The head did not contain the properties linked to the crumb.

    In my jelly, I had encapsulated my <l:layout> tag in a div tag. So the problem was simply a styling error that didn't cause any visual problems.

    If you face the same issue (I know it's hard to find answers about Jenkins plugin development), make sure your head tag contains crumb value and crumb header name and check your jelly file.
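The check suggested in the answer, as an added example that is not part of the question or the answer: one function inspects the rendered page's head tag for the crumb header name and value, another verifies that a Jelly view has <l:layout> as the first element under <j:jelly> rather than wrapped in a div. The attribute names data-crumb-header and data-crumb-value are assumed to be what Jenkins core injects on the head tag; confirm them against your Jenkins version. The sample HTML and Jelly strings are constructed for the example.

```javascript
// Extract the CSRF crumb that Jenkins' layout places on the <head> tag.
// Attribute names are an assumption about Jenkins core, not taken from the page.
function readCrumbFromHead(html) {
  const head = html.match(/<head\b([^>]*)>/i);
  if (!head) return { ok: false, reason: "no <head> tag found" };
  const attrs = head[1];
  const get = (name) => {
    const m = attrs.match(new RegExp(name + '="([^"]*)"', "i"));
    return m ? m[1] : null;
  };
  const header = get("data-crumb-header");
  const value = get("data-crumb-value");
  if (!header || !value) {
    // This is the situation from the answer: the layout was not the root, so
    // Jenkins never injected the crumb into the head.
    return { ok: false, reason: "head lacks crumb attributes; is <l:layout> the root of the Jelly view?" };
  }
  return { ok: true, header, value };
}

// Build the request headers a client should send, using the header name Jenkins
// announced (e.g. Jenkins-Crumb) rather than a hard-coded one.
function crumbHeaders(html) {
  const c = readCrumbFromHead(html);
  if (!c.ok) throw new Error(c.reason);
  return { [c.header]: c.value };
}

// Return the name of the first element inside <j:jelly>; it should be l:layout.
function firstElementUnderJelly(jelly) {
  const m = jelly.match(/<j:jelly\b[^>]*>\s*<([\w:]+)/i);
  return m ? m[1] : null;
}

// Constructed sample pages and views (not real Jenkins output).
const GOOD_PAGE = '<html><head data-crumb-header="Jenkins-Crumb" data-crumb-value="abc123"><title>x</title></head><body></body></html>';
const BROKEN_PAGE = '<html><head><title>x</title></head><body><div></div></body></html>';
const GOOD_JELLY = '<?jelly escape-by-default="true"?><j:jelly xmlns:j="jelly:core" xmlns:l="/lib/layout"><l:layout><l:main-panel/></l:layout></j:jelly>';
const BROKEN_JELLY = '<?jelly escape-by-default="true"?><j:jelly xmlns:j="jelly:core" xmlns:l="/lib/layout"><div><l:layout><l:main-panel/></l:layout></div></j:jelly>';
```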