Jira attachment issue

Hi Team,

File upload is not working for the users other than admin. It throws "internal error" and in console getting "NullPointerException" error in attachment rest api. Any idea?

 

I have added permission for the user. Currently create attachment permission is given for project role(user) and the logged in user has all the roles (user,developer and admin) . Still throws error. Please advice.

[INFO] [talledLocalContainer] 2015-08-07 15:16:57,651 http-bio-2990-exec-12 ERROR testuser 916x9081x1 rx6osm  /rest/internal/2/AttachTemporaryFile [common.error.jersey.ThrowableexceptionMapper] Uncaught exception thrown by REST service: null

[INFO] [talledLocalContainer] java.lang.NullPointerException

[INFO] [talledLocalContainer]   at com.atlassian.healthcheck.core.security.HealthCheckCorsDefaults.allowsOrigin(HealthCheckCorsDefaults.java:27)

.....

2 answers

We see a similra exception for some REST requests. Did you solve your problem? {noformat} 2015-08-20 01:06:53,949 ajp-apr-8009-exec-9 ERROR 192.168.44.52 /rest/api/1.0/shortcuts/64025/a076481fbc20247e45a61ce27a568736/shortcuts.js [common.error.jersey.ThrowableExceptionMapper] Uncaught exception thrown by REST service: null java.lang.NullPointerException at com.atlassian.healthcheck.core.security.HealthCheckCorsDefaults.allowsOrigin(HealthCheckCorsDefaults.java:27) at com.atlassian.plugins.rest.common.security.jersey.CorsResourceFilter$1.apply(CorsResourceFilter.java:274) at com.atlassian.plugins.rest.common.security.jersey.CorsResourceFilter$1.apply(CorsResourceFilter.java:271) at com.google.common.collect.Iterators$7.computeNext(Iterators.java:649) at com.google.common.collect.AbstractIterator.tryToComputeNext(AbstractIterator.java:143) at com.google.common.collect.AbstractIterator.hasNext(AbstractIterator.java:138) at com.google.common.collect.Iterables.isEmpty(Iterables.java:1052) at com.atlassian.plugins.rest.common.security.jersey.CorsResourceFilter.validateAnyOriginInListInWhitelist(CorsResourceFilter.java:210) at com.atlassian.plugins.rest.common.security.jersey.CorsResourceFilter.filter(CorsResourceFilter.java:123) {noformat}

Same problem here, tried to comment a issue over REST API with POST command like the following:

FYI: I Use CasperJs for GUI Testing, but its an encapsulated JS HTTP Request:

/* Opening the JIRA API and add Comment */
casper.thenOpen("https://my-company.atlassian.net/rest/api/2/issue/ISSUE-11/comment", {
method: "POST",
 headers: {
"Content-Type" : "application/json",
 "Authorization": "Basic MY-BASE64-HASHED-CREDENTIALS",
 "User-Agent": "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2062.120 Safari/537.36"
 },
 data:{"body":"CASPERJS: THIS IS A TEST."}
}).waitForUrl("https://my-company.atlassian.net/rest/api/2/issue/ISSUE-11/comment", function () {
  casper.capture("../JIRA.png");
});

it does nothing special, only committing an Comment to the Issue and taking a screenshot after.....

Authorization seems to run without problems because GET works, i get all Comments after requesting same URL like above......but with POST i get 500 Error:

 

JIRA.png

 

Maybe its a https://developer.mozilla.org/en-US/docs/Web/Security/Same-origin_policy problem.

I assume this because with CURL or other adequate Browser REST Plugins it works with the same payload and headdata

We worked around this by patching atlassian-healthcheck com.atlassian.healthcheck.core.security.HealthCheckCorsDefaults {code} @Override public boolean allowsOrigin(String origin) throws IllegalArgumentException { URI normalizedOrigin = URI.create(origin).normalize(); String originHost = normalizedOrigin.getHost(); // check for null, because normalizedOrigin might not be an URL (yet) if (originHost != null) { for (String allowedOrigin : ALLOWED_ORIGINS) { if (originHost.endsWith(allowedOrigin)) { return true; } } } return false; } {code} As far as I understand it, we are doing something wrong regarding the header. See https://jira.atlassian.com/browse/JRA-45006

Suggest an answer

Log in or Sign up to answer
How to earn badges on the Atlassian Community

How to earn badges on the Atlassian Community

Badges are a great way to show off community activity, whether you’re a newbie or a Champion.

Learn more
Community showcase
Published Thursday in Jira

5 ways you can make the most of Jira Software and Bitbucket Cloud

As part of the Bitbucket product team I'm always interested in better understanding what kind of impact the use of our tools have on the way you work. In a recent study we conducted of software devel...

77 views 0 5
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you