Hey,
I have installed Jira and Bitbucket on my teams servers, however whenever I try to add a tag or view the commits in a repository or even import from github, I get a 403 "XSRF check failed" error.
c.a.p.r.c.s.j.c.s.j.XsrfResourceFilter Additional XSRF checks failed for request...
Here is my Nginx config
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name bitbucket.domain.com;
ssl_certificate /etc/letsencrypt/live/bitbucket.domain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/bitbucket.domain.com/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/bitbucket.domain.com/chain.pem;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location / {
proxy_pass http://127.0.0.1:7990;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_http_version 1.1;
proxy_cache_bypass $http_upgrade;
proxy_cache_convert_head off;
proxy_cache_key $scheme$request_method$proxy_host$request_uri;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Port $server_port;
}
client_max_body_size 0;
}
server {
listen 80;
listen [::]:80;
server_name bitbucket.domain.com;
location / {
return 301 https://bitbucket.domain.com$request_uri;
}
client_max_body_size 0;
}
Here is my bitbucket.properties file
#>*******************************************************
#> Migrated to database at jdbc:postgresql://ip:5432/bitbucket?targetServerType=master
#> Updated on 2020-09-07T14:02:08.739+02:00
#>*******************************************************
jdbc.driver=org.postgresql.Driver
jdbc.url=jdbc:postgresql://ip/bitbucket?targetServerType=master
jdbc.user=bitbucket
jdbc.password=this_is_a_placeholder
server.additional-connector.1.port=8081
server.secure=true
server.scheme=https
server.proxy-port=443
server.proxy-name=bitbucket.domain.com
The Base URL is: http://bitbucket.domain.com
If I were to change it to https, it says Base URL mismatch
Add Info:
I can access the server directly and I have no problems, so its the proxying.
I also can't use HTTP as its an HSTS server