Jira attachment issue

Hi Team,

File upload is not working for the users other than admin. It throws "internal error" and in console getting "NullPointerException" error in attachment rest api. Any idea?

 

I have added permission for the user. Currently create attachment permission is given for project role(user) and the logged in user has all the roles (user,developer and admin) . Still throws error. Please advice.

[INFO] [talledLocalContainer] 2015-08-07 15:16:57,651 http-bio-2990-exec-12 ERROR testuser 916x9081x1 rx6osm  /rest/internal/2/AttachTemporaryFile [common.error.jersey.ThrowableexceptionMapper] Uncaught exception thrown by REST service: null

[INFO] [talledLocalContainer] java.lang.NullPointerException

[INFO] [talledLocalContainer]   at com.atlassian.healthcheck.core.security.HealthCheckCorsDefaults.allowsOrigin(HealthCheckCorsDefaults.java:27)

.....

2 answers

This widget could not be displayed.

We see a similra exception for some REST requests. Did you solve your problem? {noformat} 2015-08-20 01:06:53,949 ajp-apr-8009-exec-9 ERROR 192.168.44.52 /rest/api/1.0/shortcuts/64025/a076481fbc20247e45a61ce27a568736/shortcuts.js [common.error.jersey.ThrowableExceptionMapper] Uncaught exception thrown by REST service: null java.lang.NullPointerException at com.atlassian.healthcheck.core.security.HealthCheckCorsDefaults.allowsOrigin(HealthCheckCorsDefaults.java:27) at com.atlassian.plugins.rest.common.security.jersey.CorsResourceFilter$1.apply(CorsResourceFilter.java:274) at com.atlassian.plugins.rest.common.security.jersey.CorsResourceFilter$1.apply(CorsResourceFilter.java:271) at com.google.common.collect.Iterators$7.computeNext(Iterators.java:649) at com.google.common.collect.AbstractIterator.tryToComputeNext(AbstractIterator.java:143) at com.google.common.collect.AbstractIterator.hasNext(AbstractIterator.java:138) at com.google.common.collect.Iterables.isEmpty(Iterables.java:1052) at com.atlassian.plugins.rest.common.security.jersey.CorsResourceFilter.validateAnyOriginInListInWhitelist(CorsResourceFilter.java:210) at com.atlassian.plugins.rest.common.security.jersey.CorsResourceFilter.filter(CorsResourceFilter.java:123) {noformat}

This widget could not be displayed.

Same problem here, tried to comment a issue over REST API with POST command like the following:

FYI: I Use CasperJs for GUI Testing, but its an encapsulated JS HTTP Request:

/* Opening the JIRA API and add Comment */
casper.thenOpen("https://my-company.atlassian.net/rest/api/2/issue/ISSUE-11/comment", {
method: "POST",
 headers: {
"Content-Type" : "application/json",
 "Authorization": "Basic MY-BASE64-HASHED-CREDENTIALS",
 "User-Agent": "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2062.120 Safari/537.36"
 },
 data:{"body":"CASPERJS: THIS IS A TEST."}
}).waitForUrl("https://my-company.atlassian.net/rest/api/2/issue/ISSUE-11/comment", function () {
  casper.capture("../JIRA.png");
});

it does nothing special, only committing an Comment to the Issue and taking a screenshot after.....

Authorization seems to run without problems because GET works, i get all Comments after requesting same URL like above......but with POST i get 500 Error:

 

JIRA.png

 

Maybe its a https://developer.mozilla.org/en-US/docs/Web/Security/Same-origin_policy problem.

I assume this because with CURL or other adequate Browser REST Plugins it works with the same payload and headdata

We worked around this by patching atlassian-healthcheck com.atlassian.healthcheck.core.security.HealthCheckCorsDefaults {code} @Override public boolean allowsOrigin(String origin) throws IllegalArgumentException { URI normalizedOrigin = URI.create(origin).normalize(); String originHost = normalizedOrigin.getHost(); // check for null, because normalizedOrigin might not be an URL (yet) if (originHost != null) { for (String allowedOrigin : ALLOWED_ORIGINS) { if (originHost.endsWith(allowedOrigin)) { return true; } } } return false; } {code} As far as I understand it, we are doing something wrong regarding the header. See https://jira.atlassian.com/browse/JRA-45006

Suggest an answer

Log in or Sign up to answer
Community showcase
Published Friday in Jira

New 5k User Limit and Other Cloud Updates

Hi all! Lauren here from the Enterprise Cloud marketing team.  I have some exciting Cloud updates from #AtlassianSummit that I wanted to share. We want everyone in your organization to be ab...

92 views 0 3
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you