Which HTTP request methods are required by JIRA?

Peter Legowski July 18, 2011

I hope this is not redundant. I've searched the forum without success. I've also searched the JIRA logs without success. The simple question: what are the HTTP request methods used by JIRA?

I need to find out which of these is in use: GET, POST, CONNECT, COPY, DELETE, HEAD, INVALID, LOCK, MKCOL, MOVE, OPTIONS, PATCH, PROPFIND, PROPPATCH, PUT, TRACE, UNLOCK

I need to be able to specify which request methods are required by JIRA

I see from the tomcat docs that TRACE is off by default, so I assume that JIRA does not need it, but I do need to be certain.

Several of the others are webDAV specific. Is JIRA using webDAV?

Thanks in advance!

2 answers

0 votes
Peter Legowski July 24, 2011

From JIRA Support:

Basically, with 100% assurance we can say that the latest JIRA uses GET, POST, DELETE and PUT.

Unfortunately, we don't have an easy way to verify on usage of other methods. Each of frameworks can use and refer to the methods in a different way making a search through the code quite involving. For eg. they way how you refer to the HTTP methods in webwork is going to be different from JavaScripts. Moreover, any plugin installed in JIRA may also introduce some additional methods which we are not aware of.

What may work for you is to implement some sort of logic in your custom authenticator, which will allow you to log methods that are currently not supported/not handled by his integration. This list would allow them to extend the implementation according their needs.

Alternatively, you could use JIRA for some time with out the SSO integration and sniff on the requests used by their application. It should allow you to capture most of the methods used by your JIRA system, including all the plugins.

I'll go with that

Christian Bär February 27, 2019

Hello,

I ran into a problem with the Manage Add-Ons or recently named Manage Apps page, where the plugins are retrieved, with a request using the HEAD method.

So, all systems with proxies not allowing the use of HEAD method do have a problem here.

At this point unsure, if my clients security admins will allow an exception for the system.

Version is Jira 7.13.1

0 votes
JamieA
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
July 18, 2011

I presume this is for access control? It makes me wonder if you are trying to restrict access by verb and if so why.

AFAIK the web UI just uses get and post. The rest interface doesn't at the moment but probably will use delete and put as is standard.

As far as webdav is concerned that's only on through a particular plugin, and it's likely you don't have it.

Anyway that's to the best of my knowledge... I would consider why you need this though.

Suggest an answer

Log in or Sign up to answer