Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Unable to create jira tickets from Share point using Issue Collectors

Lakshmi S
Lakshmi S February 7, 2022

Hi Team,

We upgraded jira instance from 8.201 to 8.20.4 as per the security Vulnerability. Users complained they were not able to create jira tickets from Share point using Issue Collectors.  Only upgrade and reindex was happened other than this we did not change anything.

We found this from logs.

2022-02-07 11:17:27,135 http-nio-8080-exec-77 url: /rest/collectors/1.0/template/custom/76e17b8b WARN anonymous 677x13633435x6 - 206.224.73.126,172.31.10.60 /rest/collectors/1.0/template/custom/76e17b8b [c.a.p.r.c.security.jersey.XsrfResourceFilter] XSRF checks failed for request: https://atlassian.spscommerce.com/rest/collectors/1.0/template/custom/76e17b8b , origin: https://atlassian.spscommerce.com , referrer: https://atlassian.spscommerce.com/rest/collectors/1.0/template/form/76e17b8b

Attached screenshot for your reference.

issue collectors.PNG

Answer
Watch
Like Be the first to like this
643 views

1 answer

0 votes
Lakshmi S
Lakshmi S February 9, 2022

Response from Atlassian Support.

Thank you for contacting Atlassian support, and our apologies for the delayed response.

I understand that Issue Collectors have been failing recently, since you upgraded to Jira 8.20.4.

I've had a look in the support zip (thank you for that!) and I see the following warnings:

2022-02-08 09:20:25,507 http-nio-8080-exec-171 url: /rest/collectors/1.0/template/custom/a294c527 WARN anonymous 560x15483482x3 - 124.123.190.220,172.31.10.60 /rest/collectors/1.0/template/custom/a294c527 [c.a.p.r.c.security.jersey.XsrfResourceFilter] XSRF checks failed for request: https://atlassian.spscommerce.com/rest/collectors/1.0/template/custom/a294c527 , origin: https://atlassian.spscommerce.com , referrer: https://atlassian.spscommerce.com/rest/collectors/1.0/template/form/a294c5272022-02-08 09:20:27,026 http-nio-8080-exec-108 url: /rest/collectors/1.0/template/custom/a294c527 WARN anonymous 560x15483525x5 - 124.123.190.220,172.31.10.60 /rest/collectors/1.0/template/custom/a294c527 [c.a.p.r.c.security.jersey.XsrfResourceFilter] XSRF checks failed for request: https://atlassian.spscommerce.com/rest/collectors/1.0/template/custom/a294c527 , origin: https://atlassian.spscommerce.com , referrer: https://atlassian.spscommerce.com/rest/collectors/1.0/template/form/a294c527

Given the timing of this, you seem to be affected by this bug:

Which is the result of a fix for another bug, done in Jira 8.20.3:

The workaround is to return Jira to its prior behaviour:

The following workaround will disable XSRF checks for the issue collector, which was the behaviour prior to JRASERVER-73068. This may be tolerable for you, but it's worthwhile confirming within your organisation

Modify the reverse proxy / load balancer / WAF to add the following header to the request as it makes it's way to the Jira node:

  • Condition: Method: POST
  • Condition: Request URL: /rest/collectors/1.0/template/custom/*
  • Action: Add header: X-Atlassian-Token: no-check

Please have a look and let me know if this helps, or if you have any questions about the above. Thank you, and have a good day ahead.

View More Comments
chetan patil
chetan patil August 3, 2022

We have upgrade "JIRA Software server" version with 8.20.5 and still facing the same problem for "Issue Collectors"

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira Software
TAGS
AUG Leaders

Atlassian Community Events

    See all events