Secure Requester Whitelist


Allows an administrator to specify sites trusted to make JSONP or primitive-XPath REST API requests.


Use Manage Jenkins » Configure Global Security to make this configuration.

  • Allow requests without Referer: if checked, then requests with no HTTP Referer will be allowed.
  • Domains from which to allow requests: a space and/or newline-separated list of domains to allow requests from.

There is on-line help available for each option.


Version 1.5 and newer

See GitHub releases.

Version 1.4 and older

See historical changelog.