Cross-Site request forgery protection

1 minute readSecurity

CSRF protection is disabled by default. You can enable or disable CSRF protection as follows:

  • To enable CSRF protection, enter ecconfigure --webCsrfProtection=true. Examples using the default directory:

    • For Linux, enter

      /opt/cloudbees/sda//bin/ecconfigure --webCsrfProtection=true
    • For Windows, enter

      C:\Program Files\CloudBees\Software Delivery Automation\bin>ecconfigure --webCsrfProtection=true
  • To disable CSRF protection, enter ecconfigure --webCsrfProtection=false. Examples using the default directory:

    • For Linux, enter

      /opt/cloudbees/sda//bin/ecconfigure --webCsrfProtection=false
    • For Windows, enter

      C:\Program Files\CloudBees\Software Delivery Automation\bin>ecconfigure --webCsrfProtection=false