Using JIRA Cloud. When I use cURL to create an issue, I get the response "XSRF check failed". If I pass the wrong auth credentials I get a 401 error. I am using Basic HTTP auth. I am passing the X-Atlassian-Token: no-check header.
This was working fine until a few weeks ago. Any help is appreciated.
how do you deal with this when the rest call is made form javascript in the browser?
As far as I'm aware it's not possible to alter the origin header
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Sorry for the slow response. Atlassian has insane rules about people posting once every 24 hours until they get 3 points. I also tried that. Found several articles about that bug. I get the same error with nocheck and no-check. Here are the curl headers I am sending. POST /rest/api/latest/issue/ HTTP/1.1 Authorization: Basic ****removed***** User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:13.0) Gecko/20100101 Firefox/13.0.1 Host: ppwizard.atlassian.net Accept: */* Content-Type: application/json X-Atlassian-Token: nocheck Content-Length: 160 post data is {"fields":{"project":{"key":"PMSS"},"summary":"test2","description":"test2\n\nKeith Comer [mailto:keith@propertypreswizard.com]\n","issuetype":{"name":"OOBB"}}} I get HTTP/1.1 403 Forbidden returned with XSRF check failed
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
For the benefit of others, depends upon the version. The v5.10 Confluence REST API gave me the following. Presumably JIRA followed suit.
"Use of the 'nocheck' value for X-Atlassian-Token has been deprecated since rest 3.0.0. Please use a value of 'no-check' instead."
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.