Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Site completely broken with CORS rejected issues in firefox?

Andrew Mainland
Andrew Mainland
Contributor
June 19, 2020

I'm completely unable to use firefox I get dozens of errors like

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://jira-frontend-static.prod.public.atl-paas.net/assets-brotli/vendor~31ecd969.8c519aa0eb248d60cafd.8.js. (Reason: CORS request did not succeed).

 

I'm just browsing to the site. Firefox url ->> <site>.atlassian.net ->> Does not load ->> console errors

 

 

Answer
Watch
Like # people like this
42632 views

1 answer

3 votes
Andrew Mainland
Andrew Mainland
Contributor
June 19, 2020

This firefox add-on fixes it: https://addons.mozilla.org/en-US/firefox/addon/cross-domain-cors/

 

This is a CORs issue. I believe that Firefox has implemented CORs correctly and atlassian is broke. 

 

Top notch support btw

View More Comments
Andrew Mainland
Andrew Mainland
Contributor
June 22, 2020

BTW, the fact add-on fixes it is a BAD thing.

Like
Andrew Mainland
Andrew Mainland
Contributor
June 22, 2020

(Atlassian's top notch support just emailed me that there was a fix to my problem)

Like
Andrew Mainland
Andrew Mainland
Contributor
June 22, 2020

lol I just got a badge for first accepted answer.

Like
John Funk
John Funk
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
June 23, 2020

Hey Andrew - have you entered a support ticket with Atlassian? 

Like
Peter PJ Wickwire
Peter PJ Wickwire
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
July 1, 2020

@Andrew MainlandWhat was the fix? I still see the issue with the latest version of firefox.

Like
Andrew Mainland
Andrew Mainland
Contributor
July 1, 2020

The "fix" that I put above was only to confirm that this is a problem that atlassian needs to address.

That "fix" works by overriding Firefox's security mechanism (turning off CORS completely) What I think should happen is that the devs at atlassian head over to mozilla's documentation read it and then adjust the headers accordingly.  

Had this been my company I do not imagine the end user would notice this bug for longer than 1 hour max.

Like Henry Ford likes this
Mikalai Karol
Mikalai Karol
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
September 14, 2020

I had exactly the same problem - thanks for the solution

Like
ngiesen
ngiesen
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
October 23, 2020

Same here, but with another CDN:

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://a.trellocdn.com/prgb/dist/br/snowplow.0949d401c08948310f2f.js. (Reason: CORS request did not succeed).

And more of those on the same domain.

The board in question does *not* have the access-control-allow-origin header set.

This really needs fixing (and it shocks me that other browsers, such as chrome, do let you through, in absence of access-control-allow-origin header).

Like
Andrew Mainland
Andrew Mainland
Contributor
October 23, 2020

It's obvious that Atlassian either doesn't care, doesn't "get it".

& If they fixed this tomorrow, I'd have to recommend switching to another product.

Eventually there is going to be another security bug and we'd have to expect the same response.

Like
Alberto Maturano
Alberto Maturano
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
November 23, 2020

It's there a ticket to follow? This is really annoying

Like
Henry Ford
Henry Ford
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
May 14, 2021

I'm very interested in this issue as this problem started for me today, despite it being reported more than year ago.

My problem is that our domain at https://(mycompany).atlassian.net isn't allowed to load resources from https://jira-frontend-static.prod.public.atl-paas.net/assets-brotli/async-all-dev-panel.6ba0ceb7e0562f66cff1.8.js

Further issues I face are that:

  • I cannot raise a ticket for this problem on Atlassian as we have an admin in our company whom I don't know how to reach.
  • This problem started only recently
  • I can't work until I have a work-around/fix
Like
Reply

Suggest an answer

Log in or Sign up to answer
Confluence
Confluence
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
STANDARD
TAGS
AUG Leaders

Atlassian Community Events

    See all events