I am trying to develop an interface to the Bamboo API and all GET requests are working but when I try to make a POST to trigger a deployment I get a 403 error response with the message "XSRF check failed."
I have tried turning off the Enable XSRF Protection option in Bamboo security settings and restarting the Bamboo service, but that change has had no effect. (per the instructions in this article: https://confluence.atlassian.com/bamboo/configuring-xsrf-protection-427624344.html\).
Why does that setting in Bamboo have no effect?
I did try adding both of those headers but the issue persisted. I'm trying to make the request through a browser application (Angular), and it is my understanding that the browser removes the arbitrary Atlassian headers.
I'd like to understand why changing the setting in Bamboo does not resolve the issue. According to the confluence article I referenced that should have removed the XSRF requirement.
Ok, I think I overlooked that you mentioned "develop an interface", I thought you were executing simple REST calls. You are actually making these requests from the browser and having "Additional XSRF checks..." error, correct?
If so, what is happening is that the CORS filter blocking requests from a different domain (your application is definitely not on the same domain as Bamboo).
Please let me know if that helped you.
That makes sense, I already had to set up some filtering just to get the GET requests to pass through CORS. Then I ran into this issue again when I tried to send a POST.
In any case my application ended up needing some more back end functionality so I've created a .NET Core app that my UI connects to, and I can send the Bamboo requests from the back end with no issue.
Thanks for your help!
I'm happy to announce that Bamboo 7.1 has been released and it’s overflowing with awesome new features. Top-voted issues First and foremost, a bunch of JAC top voted issues has been delivered - y...
Connect with like-minded Atlassian users at free events near you!Find an event
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.Host an event
You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events