Since upgrading to Jira 9.6 and Service Management 5.6, our users are receiving random XSRF errors throughout the day when using Jira Service Management. Here are a few of the errors from the logs:
2023-04-03 16:49:42,950-0300 https-openssl-nio-8444-exec-13 WARN user.name 1009x19665x1 1l6rkfq 192.168.2.1 /rest/jddap/1.0/attachment [c.a.p.r.c.security.jersey.XsrfResourceFilter] XSRF checks failed for request: https://atlassian.dieppe.ca:8444/rest/jddap/1.0/attachment , origin: https://atlassian.dieppe.ca:8444 , referrer: https://atlassian.dieppe.ca:8444/browse/TECH-18576
2023-04-03 16:32:37,619-0300 https-openssl-nio-8444-exec-23 INFO user.name 992x18803x1 t0uojt 192.168.2.1 /secure/WorkflowUIDispatcher.jspa [c.a.j.web.action.XsrfErrorAction]
The security token is missing for 'Shaun.Daigle'. User-Agent : 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36'
2023-04-03 15:15:19,776-0300 https-openssl-nio-8444-exec-16 WARN user.name 915x11633x1 mg4mvn 192.168.2.1 /secure/WorkflowUIDispatcher.jspa [c.a.j.web.dispatcher.JiraWebworkActionDispatcher] XSRF checks failed for action 'com.atlassian.jira.web.action.workflow.WorkflowUIDispatcher!execute' (recoverable: true, token present: true)
2023-04-03 12:38:50,075-0300 https-openssl-nio-8444-exec-9 WARN user.name 758x532x1 hjsr0p 192.168.2.1 /secure/QuickCreateIssue!default.jspa [c.a.j.web.dispatcher.JiraWebworkActionDispatcher] XSRF checks failed for action 'com.atlassian.jira.quickedit.action.QuickCreateIssue!default' (recoverable: true, token present: true)
Any idea how to resolve this issue?
Thanks
Shaun
The issue was likely caused by an old version of the SQL+JQL plugin for Jira. We have disabled the plugin and are monitoring to see if the issue goes away.
@Shaun Daigle, do you remember how you determined it to be this specific plugin? Did you tune some logging or something or just trial and error? Did the issue go away after disabling the plugin?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.