Fix: Add CSRF crumb token and duration field to snooze forms

LakshyaBagani · LakshyaBagani · commit 1c147bffca35 · 2026-02-02T10:44:00.000+05:30
diff --git a/core/src/main/resources/jenkins/diagnostics/ControllerExecutorsAgents/message.jelly b/core/src/main/resources/jenkins/diagnostics/ControllerExecutorsAgents/message.jelly
@@ -34,6 +34,10 @@ THE SOFTWARE.
         <f:submit name="no" value="${%Dismiss}"/>
       </form>
       <form method="post" action="${rootURL}/${it.url}/snooze" style="display: inline-flex; gap: 0.5rem; align-items: center;">
+        <j:if test="${h.isCrumbEncoded()}">
+          <input type="hidden" name="${h.crumbRequestField}" value="${h.getCrumb(request)}"/>
+        </j:if>
+        <input type="hidden" name="duration" value="custom"/>
         <input type="number" name="customMinutes" placeholder="Minutes" min="1" style="width: 80px;" class="jenkins-input" required="required"/>
         <f:submit value="${%Snooze}"/>
       </form>
diff --git a/core/src/main/resources/jenkins/diagnostics/ControllerExecutorsNoAgents/message.jelly b/core/src/main/resources/jenkins/diagnostics/ControllerExecutorsNoAgents/message.jelly
@@ -35,6 +35,10 @@ THE SOFTWARE.
         <f:submit name="no" value="${%Dismiss}"/>
       </form>
       <form method="post" action="${rootURL}/${it.url}/snooze" style="display: inline-flex; gap: 0.5rem; align-items: center;">
+        <j:if test="${h.isCrumbEncoded()}">
+          <input type="hidden" name="${h.crumbRequestField}" value="${h.getCrumb(request)}"/>
+        </j:if>
+        <input type="hidden" name="duration" value="custom"/>
         <input type="number" name="customMinutes" placeholder="Minutes" min="1" style="width: 80px;" class="jenkins-input" required="required"/>
         <f:submit value="${%Snooze}"/>
       </form>
diff --git a/core/src/main/resources/jenkins/model/BuiltInNodeMigration/message.jelly b/core/src/main/resources/jenkins/model/BuiltInNodeMigration/message.jelly
@@ -10,6 +10,10 @@
                 <f:submit name="no" value="${%Dismiss}"/>
             </form>
             <form method="post" action="${rootURL}/${it.url}/snooze" style="display: inline-flex; gap: 0.5rem; align-items: center;">
+                <j:if test="${h.isCrumbEncoded()}">
+                    <input type="hidden" name="${h.crumbRequestField}" value="${h.getCrumb(request)}"/>
+                </j:if>
+                <input type="hidden" name="duration" value="custom"/>
                 <input type="number" name="customMinutes" placeholder="Minutes" min="1" style="width: 80px;" class="jenkins-input" required="required"/>
                 <f:submit value="${%Snooze}"/>
             </form>
