Why do I receive lots of Found Invalid Crumb warnings in the logs?

Issue

You receive lots of warnings in your logs with the following pattern:

WARNING: Found invalid crumb xxxxxxxxxxxxx. Will check remaining parameters for a valid one... 
hudson.security.csrf.CrumbFilter doFilter 
WARNING: No valid crumb was included in request for /ajaxExecutors. Returning 403.

Environment

CloudBees Jenkins Operations Center

Resolution

The issue is related to JENKINS-40344. This bug materializes in the logs if you have CSRF protection enabled (which is a recommended practice). To learn more about CSRF Protection, you can click here.

In the meantime, and as a workaround, you can avoid flooding your logs with these messages by changing the log level to SEVERE on the following logger hudson.security.csrf.CrumbFilter.

In order to do this, please follow the procedure below:

  • Navigate to Jenkins > Manage Jenkins > System Log > Log Levels.
  • Write hudson.security.csrf.CrumbFilter in the textbox, select the SEVERE level value and then click submit.
Was this article helpful?
1 out of 2 found this helpful

Have more questions?

0 Comments

Please sign in to leave a comment.