3

I'm writing a web page to let others trigger some jobs' builds with parameters in Jenkins. So I use ajax to send a POST request:

```javascript
var urlString = "http://localhost:8080/job/myjob/buildWithParameters";

$.post(
    urlString,
    {myParam:"there is some data"},
    function(data)
    {
        alert(data);
    },
    "json"
);
```

But I got an HTTP 403 response:

XMLHttpRequest cannot load http://localhost:8080/job/myjob/buildWithParameters. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost' is therefore not allowed access. The response had HTTP status code 403.

I know about the cross-site problem, but I cannot find any helpful information on Google. Can ajax do this job?

UPDATE: I found a similar question

So I updated my code to:

```javascript
$.ajax({
    type: "POST",
    url: urlString,
    dataType: 'jsonp',
    data: {},
    beforeSend: function(xhr){
        xhr.setRequestHeader("Authorization", "Basic " + btoa("admin:123456"));
    },
    success: function(data) {
    },
    complete: function(xhr, statusText){
    }
});
```

I can confirm the username and password are correct, but I got 405 Method Not Allowed. Is there anything wrong?

zzy

2 Answers

1

Put your web page in the userContent folder under the $JENKINS_HOME directory. Then open $JENKINS_URL/userContent/yourwebpage.html in your browser. Now the JavaScript in the page is loaded from the same origin where ajax calls will go, so it should be allowed without CORS tricks.

sti
  • For security reasons, Jenkins now prohibits by default the [execution of scripts in the userContent folder](https://wiki.jenkins.io/display/JENKINS/Configuring+Content+Security+Policy#ConfiguringContentSecurityPolicy-RelaxingTheRules). – user5365075 Nov 20 '17 at 08:24
0

Jenkins wants a POST, not a GET HTTP request; a JSONP request is a GET: you can't do that :D

You can try doing it this way:

  1. Start up Jenkins with the AJP binding as described here

  2. Configure Apache2 httpd as a reverse proxy for the Jenkins AJP

  3. Force the response header in Apache2 as described here to enable CORS

In the end you can use POST directly instead of JSONP.

Have fun with XSS :D

aqquadro
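
As an added example (not code from the question or from either answer), this simplified Node.js model of the browser's CORS checks shows why the first request in the question was blocked and what a CORS policy added at a proxy would have to return for a POST carrying an `Authorization` header. The function names and sample responses are constructed for illustration.

```javascript
// Added example: simplified model of the browser-side CORS checks (Fetch spec).
// All names here are illustrative; header maps use lower-case keys.
const SAFE_METHODS = new Set(["GET", "HEAD", "POST"]);
const SAFE_HEADERS = new Set(["accept", "accept-language", "content-language", "content-type"]);
const SIMPLE_TYPES = new Set(["application/x-www-form-urlencoded", "multipart/form-data", "text/plain"]);

// Split a comma-separated header value into lower-cased tokens.
const tokens = (v) => (v || "").split(",").map((s) => s.trim().toLowerCase()).filter(Boolean);

// Request headers that force an OPTIONS preflight (anything not safelisted).
function unsafeHeaders(req) {
  return Object.entries(req.headers || {}).filter(([name, value]) => {
    const n = name.toLowerCase();
    if (!SAFE_HEADERS.has(n)) return true; // e.g. Authorization
    return n === "content-type" && !SIMPLE_TYPES.has(value.split(";")[0].trim().toLowerCase());
  }).map(([name]) => name.toLowerCase());
}

const needsPreflight = (req) => !SAFE_METHODS.has(req.method) || unsafeHeaders(req).length > 0;

// Origin check applied to both the preflight response and the real response.
function originAllowed(origin, res, withCredentials) {
  const acao = res.headers["access-control-allow-origin"];
  if (acao === "*") return !withCredentials; // wildcard is rejected for credentialed requests
  return acao === origin;
}

// Returns "ok" or the reason the browser would block the page's script.
function corsVerdict(origin, req, preflightRes, res) {
  if (needsPreflight(req)) {
    if (!preflightRes || preflightRes.status < 200 || preflightRes.status > 299) return "preflight failed";
    if (!originAllowed(origin, preflightRes, req.withCredentials)) return "preflight: origin not allowed";
    const wildcardOk = !req.withCredentials;
    const methods = tokens(preflightRes.headers["access-control-allow-methods"]);
    const methodOk = SAFE_METHODS.has(req.method) || methods.includes(req.method.toLowerCase()) ||
      (wildcardOk && methods.includes("*"));
    if (!methodOk) return "preflight: method not allowed";
    const allowed = tokens(preflightRes.headers["access-control-allow-headers"]);
    for (const h of unsafeHeaders(req)) {
      // "*" never covers Authorization; it must be listed by name.
      const ok = allowed.includes(h) || (h !== "authorization" && wildcardOk && allowed.includes("*"));
      if (!ok) return "preflight: header not allowed: " + h;
    }
  }
  return originAllowed(origin, res, req.withCredentials) ? "ok" : "response: origin not allowed";
}
```

A POST that needs no preflight still reaches the server; the CORS check only decides whether the page's script may read the response.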