Gantt Gadget in confluence is given the AJAX-based request error


When I setup the Gantt-Chart Gadget in Confluence page, it is given the below error message.

Security aspect:
You are not allowed to request content from within the JIRA Gantt-Chart gadget, most likely due to your same-origin-policy!

AJAX-based request to denied.
Please contact your administrato

Our system configuration is like below;

I used the apache with reverse proxy and tomcat and each machine is consisted of same apache and tomcat structure.

Jira Server URL :

Confluence Server URL :

Also, I used the trusted application as Application Links.

Other plugins, Structure and Agile is well working in this environments.

Can you give me any suggestion to solve this problem ?


Inchul, Yoo

1 answer


my Gantt-Chart Gadget loads additional data via AJAX using JIRA's baseUrl. Please ensure, that your local setup of Confluence and JIRA do not violate the "same origin policy" (have a look at wikipediaand other online sources for more details). This security aspect might block your Gadget! - I do not implement any workaround to overrule that browser security and Atlassian by itself has swiched away from using e.g. JSONP. Application Links are used for authentication and authorization on a higher OSI-level and have nothing to do with lower level security on the basis of http.

My suggestion is to configure baseUrls llike "" and "" in order to fullfil the security requirements (keep same internet-protocol, domain and port for Confluence and JIRA). If you want to operate with 2 different Tomcats, each per Atlassian application, you should put a http-server like Apache in front of them on "", redirecting to JIRA or Confluence based on the following path.

As an alternative, you can use a reverse proxy: setting up a simple reverse proxy on the server, will allow the browser to use relative paths for the Ajax requests, while the server would be acting as a proxy to any remote location.

If using mod_proxy in Apache, the fundamental configuration directive to set up a reverse proxy is theProxyPass. It is typically used as follows:


In this case, the browser would be able to request /ajax/web_service.xml as a relative URL, but the server would serve this by acting as a proxy to

Beside this, one interesting feature of the this method is that the reverse proxy can easily distribute requests towards multiple back-ends, thus acting as a load balancer, too (if you have a large clustered implementation of JIRA/Confluence).


Suggest an answer

Log in or Sign up to answer
Community showcase
Posted Feb 06, 2019 in Confluence

Try out the new editing experience

Hi team, I’m Avinoam, a product manager on Confluence Cloud, and today I’m really excited to let the Community know that all customers can now try out the new editing experience and see some of the ...

1,477 views 114 8
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you