Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

CORS issue with a third party API call from a confluence page

Renato Veloso
Renato Veloso December 30, 2021

Hi!

I have a piece of javascript code embedded on a confluence page which intends to retrieve results from a third party API. Whenever I execute the javascript code with the call to the RESTfull API I get the following error message:

  • Access to fetch at 'https://api.thirdparty.com/endpoint' from origin 'https://portal.mycompany.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.

 

This Confluence page is hosted on a server owned by my company but I don't have admin access to the server. Does anyone know how I can solve this CORS issue? Below the code I'm using:

<!DOCTYPE html>
<html>

<button onclick="AccountBalance()">Get Balance</button>

<script>
'use strict'

function AccountBalance() {
var myHeaders = new Headers();
myHeaders.append("Content-Type", "application/json");
myHeaders.append("Authorization", "Basic xpto");

var raw = JSON.stringify({

"testcaseId": "123456",
"database": "kpi",
"table": "Main"

});


var requestOptions = {
method: 'POST',
headers: myHeaders,
body: raw,
credentials: 'include',
redirect: 'follow'
};

 

fetch('https://api.thirdparty.com/endpoint', requestOptions)
.then(response => response.text())
.then(result => console.log(result))
.catch(error => console.log('error', error));
}
</script>
</html>

 

Thanks!

BR

Answer
Watch
Like Be the first to like this
1428 views

1 answer

0 votes
Fabian Lim
Fabian Lim
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
December 31, 2021

Hi @Renato Veloso

I found this thread that may assist. Link: https://community.atlassian.com/t5/Confluence-questions/Access-to-API-Rest-blocked-by-CORS/qaq-p/1230614

If you still have issues open a support ticket with atlassian.

Regards

View More Comments
Renato Veloso
Renato Veloso January 3, 2022

Hi @Fabian Lim 

I think the issue described on that thread (and the recommended solution), does not apply to my problem since I don't have admin access to the confluence server.

I have access to the confluence web pages where I can edit these web pages with some built-in forms available on confluence (HTML code, SQL query, etc) but I dont see how I can "Add the header via Tomcat by adding the following to <confluence-install>/confluence/WEB-INF/web.xml:

    <!-- Tomcat built in CORS implementation -->
    <filter>
      <filter-name>CorsFilter</filter-name>
      <filter-class&gt;org.apache.catalina.filters.CorsFilter</filter-class&gt;
    </filter>
    <filter-mapping>
      <filter-name>CorsFilter</filter-name>
      <url-pattern>/*</url-pattern>
    </filter-mapping>
    <!-- End of built in CORS implementation -->
Like
Reply

Suggest an answer

Log in or Sign up to answer
Confluence
Confluence
TAGS
AUG Leaders

Atlassian Community Events

    See all events