Hello -
Given the following Javascript I am not able to get a response back other than "Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'null' is therefore not allowed access. The response had HTTP status code 403."
I have found a number of articles telling me to whitelist my base URL (x-domain issue) - however in my free cloud / dev instance of JIRA (http://ikaras.atlassian.net) - I am unable to see this as an option in the settings.
Is there a better way to test this? Eg: 100% locally?
Not quite sure what I'm missing per your docu. It would be really nice if the "get started" was a little more aimed at simply getting a local env running and not so much to how to get add-ons to work. My understanding is something like a simple self-hosted form that creates new issues via AJAX shouldn't be tough to get up (and shouldn't be an addon) and running; yet it is?
function req(dd) { $.ajax({ method: 'POST', url: 'https://dev-env.atlassian.net/rest/api/2/issue/', data: dd, dataType: 'json', contentType: 'application/json', beforeSend: function (xhr) { xhr.setRequestHeader('Authorization', makeBaseAuth("user","pass")); }, success: function(msg) { console.log(msg); }, error: function(msg) { console.log(msg) }, }); }
Community moderators have prevented the ability to post new answers.
Hi Ilia, I'm assuming that you are writing an Atlassian Connect add-on. We have quite a large number of tutorials for you to peruse but one I would really love you to see is the JIRA Project Activity one.
In this tutorial you can see how to accomplish what you are trying to do. Specifically, Atlassian Connect uses iframes to display your content:
Your add-on displays as an iframe of your web application.
The iframe is pointing to your add-on service at https://<your-addon-base-url>. This means that, if you try to use jQuery to make a request to https://dev-env.atlassian.net from that iframe then you are going to get cross-origin request problems.
To get around those problems Atlassian Connect has provided you with the AP.request javascript API. Which would mean that your request could become something like this instead:
function req(dd) { AP.require("request", function(request) { request ({ method: 'POST', url: '/rest/api/2/issue/', data: dd, dataType: 'json', contentType: 'application/json', success: function(msg) { console.log(msg); }, error: function(msg) { console.log(msg) } }); }); }
Robert - I'm not sure if an addon is what I am trying to build necessarily. Is it considered an addon if it's a standalone app hosted elsewhere simply interacting with JIRA data?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
No, you have to specifically opt in to being an Add-on by providing an Atlassian Connect descriptor.
If that is what you are doing then the jquery request is not going to work because of the Cross Origin problem that I mentioned above. JIRA Cloud does not support CORS: https://jira.atlassian.com/browse/JRA-30371
You should use a server-server call instead of doing it inside the clients web browser.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
@Robert Massaioli is right, unfortunately CORS is not supported. How would you do a server-server call? Is a proxy needed for this?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
@Marie Ritter, you just have to add a properly signed JWT token to the request from your addon to the Atlassian Product (https://developer.atlassian.com/static/connect/docs/latest/concepts/understanding-jwt.html). The Atlassian Connect Spring Boot and the atlassian-connect-express frameworks both do this for you. You can see here a list of frameworks that have implemented this flow.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
@Robert Massaioli I know but what if I want to use the REST API of an external server?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
If the external server is controlled by you then you have two options:
If the external server is NOT controlled by you then you should read their third party documentation and work out which integration mechanisms are avaliable to you. Cheers.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
@Robert Massaioli I'm trying to proxy my call through the addon server with the following code in my hbs file
AP.require(['request'], function(request) { request({ url: '/getdirectory', type: 'GET', success: function(data) { console.log("GET success"); console.log(data); }, error: function(data) { console.log("GET error"); console.log(data); } }); });
and this route in the index.js:
app.get('/getdirectory', addon.authenticate(), function(req,resorg){ var httpClient = addon.httpClient(req); var url = // external REST API console.log("TEST DIRECTORY!"); httpClient.post({ url: url, headers: { 'Cookie': 'JSESSIONID=' + jsessionid, additional_header : token}}, function(err1, res1, body1) { console.log(body1); resorg.setHeader('Content-Type', 'application/json'); resorg.send(JSON.stringify(body1)); }); });
I get a "403 Forbidden" response in my Javascript console (described this as well in my comment on https://answers.atlassian.com/questions/39787106). What am I doing wrong? I'm just trying to pass json data to the client.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
If you want to talk to JIRA or Confluence then use AP.request.
If you want to talk to your Addon then just use regular jQuery.ajax. (Or whatever JS AJAX library you prefer)
AP.request is only designed for use from your add-on iframe to the Atlassian products; not your add-on.
Also, in the future, please ask a new question. Please don't tack questions onto the answers of other peoples questions.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
@Marie Ritter, the only reason that I wanted to encourage you to raise a new question is because I could have easily missed this one. By asking a new question, and tagging it with 'atlassian-connect', you have an excellently high chance of getting help with your Atlassian Connect questions. Cheers and I hope you're having a good time developing your add-on!
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.