XSRF Check Failed on Jira Server
Question
I am trying to call a POST (also tried a DELETE method) method of a Jira server rest api from an angular application. Unfortunately, I am getting 403 error and it's saying XSRF check failed
I tried adding X-Atlassian-Token: no-check but it does not do the trick for me. Also I tried replacing the header's value of 'User-agent' with a dummy one but I am getting
Here is the header
let headers = new HttpHeaders().set('content-type', 'application/json')
.set('X-Atlassian-Token','no-check')
.set('User-Agent','XX')
.append('Authorization', 'Basic ' + btoa(this.loginModel.username + ":" + this.loginModel.password));
I am getting completely frustrated because of this. Can anyone help me in this regard?
2 answers
solution1
0 2022-10-10 12:49:43
It is not possible to call protected APIs from third party websites as this would pose a security risk.
solution2
0 2023-01-24 14:04:27
The solution that I found to this problem is that you need to add an origin header that matches the domain that you are sending the request to. For example, if you are using Postman to send a request to https://foobar.example/ then set the Origin header to https://foobar.example/ . then it should work. You can find some information about it here https://confluence.atlassian.com/kb/cross-site-request-forgery-csrf-protection-changes-in-atlassian-rest-779294918.html
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.