Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

CORS working in IE but not in Chrome

pageflourin
pageflourin July 6, 2017 edited

Hello,

 

i am currently working on integrating JIRA with my application that is hosted on my SharePoint site. i create an angular app that lets user create JIRA issue from the form. i have already added my sharepoint site as a domain name and wildcard expression in the Whitelist of JIRA security settings bur after doing that it seems that its only working in IE. When i try to remove (xhr.setRequestHeader('Authorization', 'basic: '+make_base_auth(username, password));) in my header i get 400 error but not the CORS error. i think this issue is related to https://jira.atlassian.com/browse/JRASERVER-30371. im not sure i really need to get this to work but im stuck. do we have other workarounds for this?

 

this is my code snippet:

 

 return $.ajax({
	            url: 'https://jira.xxxx.org/rest/api/2/issue/',
	            type: "POST",
	            data: parameters,
	            contentType: 'application/json',
	            dataType: 'JSON',
	            async: false,
	            processData: false,
	            crossDomain: true,
	            xhrFields: {
	            	withCredentials: true
	            },
	            beforeSend: function (xhr) {
	            	xhr.setRequestHeader('Authorization', 'basic: '+make_base_auth(username, password));
            	},
            error: function (errmsg) {
                console.log('error ocured:' + errmsg.statusText);
            },
            success: function (text) {
                console.log(text);
            },

and this is my error in chrome:

 

XMLHttpRequest cannot load https://jira.xxxx.org/rest/api/2/issue/. Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'https://xxxx.sharepoint.com' is therefore not allowed access.

 

 

my error in Edge:

SEC7120: Origin https://xxxx.sharepoint.com not found in Access-Control-Allow-Origin header.

SCRIPT7002: XMLHttpRequest: Network Error 0x80070005, Access is denied.

 

Answer
Watch
Like Be the first to like this
5174 views

1 answer

0 votes
somethingblue
somethingblue
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
July 6, 2017

Hi Page,

I'm not sure about the code you posted, however, there is a knowledge base article titled CORS in JIRA - Server could not be contacted error during Create Issue modal dialog.  It lists the cause as such:

Chrome and Safari include an Origin header on same-origin POST/PUT/DELETE requests (same-origin GET requests will not have an Origin header). Firefox doesn't include an Origin header on same-origin requests.

You can refer to this Communities post for more information.

The knowledge base lists the fix as follows:

Specify Origin as allowed in CORS configuration of JIRA's web.xml:

<init-param>
 <param-name>cors.supportedHeaders</param-name>
 <param-value>Origin</param-value>
</init-param>

See if that helps.

Cheers,

Branden

 

View More Comments
pageflourin
pageflourin July 6, 2017 edited

Hi @Branden,

thank you,.

Like
somethingblue
somethingblue
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
July 7, 2017

Hi Page,

No worries.  I hope that helps!

Cheers,

Branden

Like
pageflourin
pageflourin July 7, 2017

Ive asked our jira server admin to perform the necessary changes.  will update you of it worked. 

Like
pageflourin
pageflourin July 12, 2017

Hi @Branden,

may i ask what is the path of the web.xml file to be changed? our server team is asking me.

Like
Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
AUG Leaders

Atlassian Community Events

Community
Forums
FAQs Forums guidelines
Learning
About learning Resources
Events
Champions
Copyright © 2025 Atlassian
Privacy Policy Terms Security
Welcome illustration

Welcome to the new Atlassian Community

Online forums and learning are now in one easy-to-use experience.

By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.