im not what i did but i have been having error with my front end app communicating with JIRA via REST API. i need to create issues via my app and send a POST request. but i am really having errors with CORS. i have asked our server techs to add the response headers the webxml as instructed here.
and other resources. but they didnt work my jira dev environment is not accessible everytime i update my webxml. i walways get error 404. so we had to refresh the changes.
anyway when i ran the code, i didnt get the usual CORS issue error i have but i had this error in chrome:
XMLHttpRequest cannot load https://jira-dev.....org/rest/api/2/issue/. Request header field Authorization is not allowed by Access-Control-Allow-Headers in preflight response.
here is my code:
return $.ajax({
url: 'https://jira-dev.cambridge.org/rest/api/2/issue/',
type: "POST",
data: parameters,
contentType: 'application/json',
//contentType: 'application/x-www-form-urlencoded; charset=UTF-8',
dataType: 'JSON',
async: false,
processData: false,
crossDomain: true,
xhrFields: {
withCredentials: true
},
beforeSend: function (xhr) {
xhr.setRequestHeader('Authorization', 'basic: '+make_base_auth(username, password));
},
error: function (errmsg) {
//console.log('error ocured:' + errmsg.statusText);
return errmsg;
},
success: function (text) {
//console.log(text);
return text;
},
This is related to the messed up CORS implementation by atlassian. If you make something else as a GET request, e.g. (POST, PUT, DELETE) the browser performs a pre-flight request. This is a HEAD request checking if the requested resource allows for the method and specific headers. Unfortunately on a lot of Atlassians products these headers are not set properly. We addressed this by wring a add-on containing a servlet filter for all desired resources that handles pre-flight requests and allows the proper headers.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.