I have a Hybrid application using cordova and angular that utilizes the JIRA rest service. I am doing a simple call to add a comment to a JIRA ticket using ajax. All calls were working until the recent upgrade to JIRA 7. After the upgrade all calls except POST still succeed.
var data = {
"body": "quick comment",
};
var req = {
method: 'POST',
url: 'https://our.jiraserver.com/jira/rest/api/2/issue/{issuekey}/comment',
headers: {
'Authorization': 'Basic garbeldygoopasdfasdf',
'Content-Type': 'application/json',
'Access-Control-Allow-Origin':'*'
},
data: data
};
$http(req).then(function(response){
console.log('success', response);
}, function(error){
console.log('errpr', error);
});
A trimmed version of the error the server is throwing (for those TL;DR's)
message: "Expected authority at index 7: file://"
stack-trace: "java.lang.IllegalArgumentException: Expected authority at index 7: file://↵ at java.net.URI.create(URI.java:852)↵ at com.atlassian.applinks.cors.auth.DefaultCorsService.getApplicationLinksByOrigin(DefaultCorsService.java:56)↵ at com.atlassian.applinks.cors.auth.AppLinksCorsDefaults.allowsOrigin(AppLinksCorsDefaults.java:42)↵ at com.atlassian.plugins.rest.common.security.jersey.XsrfResourceFilter$1.apply(XsrfResourceFilter.java:255)↵ at com.atlassian.plugins.rest.common.security.jersey.XsrfResourceFilter$1.apply(XsrfResourceFilter.java:252)↵ at com.google.common.collect.Iterators.indexOf(Iterators.java:778)↵ at
I will note again these calls worked until very recently... as a workaround I setup a node/express servers to simply bounce my api calls through. I send the data there, it makes the same request and succeeds and passes the data back to my app. Of course this isn't ideal as I now have a split code base.
I went to Atlassian support who basically told be they cannot assist with third-party development.
Any suggestions or help would be greatly appreciated.
Related
I've got a problem and I have no idea why it appears. The circumstances of its appearance are very strange for me...
I've got a POST REST service /login. It expects json {"email":email,"password":password}. I am using ajax and everything works correctly... except for the case when email (is in real format) contains '#' sign and some letters before and after( I know it is strange but only in this case such error appears). When I pass email i.e "mum#mum.com" then few things are happening:
I see that browser sends GET request instead of POST and obtains 304 http status
In the browser console I see infomation "The development server has disconnected. Refresh the page if necessary" and page refreshes automatically
The above things happen only when email is in format I described above.When I pass "aaa" or "aaa#" as email everything works correctly(browser sends POST request and I don't get error in console).
I honestly have no idea why this happens... would be extremely grateful for your help and I will answer all your questions concerning this.
PS.
When I use REST web service tool in IntellJ everything always works fine.
handleLogin() {
const input = {
email: this.state.email,
password: this.state.password
};
$.ajax({
url: CONST.USER_SERVICE + "/login",
type: "POST",
data: JSON.stringify(input),
contentType: "jsonp"
})
.fail(function () {
alert("Wrong data");
})
.always(function (arg1, arg2, arg3) {
if (arg3.status === 200) {
alert("ok!");
}
}.bind(this));
}
Try making the ajax request like data: input without stringify. Ajax expects an object.
I am trying to use the Rally web service API to reorder 2 items.
From looking at the documentation i should be able to do:
$.ajax({
url: https://rally1.rallydev.com/slm/webservice/v2.0/task/12345?rankAbove=/slm/webservice/v2.0/task/56789,
type: 'PUT',
headers: { Authorization: Basic mytoken },
success: function(data) {
//do something
}
});
but i'm getting an error:
Cannot parse input stream due to I/O error as JSON document: Parse error: expected '{' but saw '' [ chars read = \u003E\u003E\u003E\u003C\u003C\u003C ]"
The documentation doesn't seem to reveal what I could be doing wrong.
Cheers for your help
You won't be able to use basic auth to do this because there is an additional CSRF token you need to pass. I think you can make it work with an api key though:
headers: { zsessionid: myToken }
You didn't have any issues with reading data because the CSRF protection only kicks in when attempting to modify data.
For what it's worth, the App SDK generally handles most of this complexity for you. It looks like you're using jquery in your app here instead, which is why you need to do this low level stuff...
I'm having 2 projects:
1) Restful Project with jdbc spring security (username:password) => port:9091
2) HTML5 Application with a JQGrid => port:9092
I have disabled csrf token in both the projects. Now, I'm able to hit the rest service successfully from browser and using postman and by passing the credentials
But when I try to hit the service from HTML5 Application (Jqgrid), I'm see that XHR Call is ending with status 302 and I'm not getting the results back.
So, please guide me on the same.
Additional Points:
I'm able to successfully hit the rest service from postman by passing basic authentication. But from JQGrid, I'm not able to query data even after using below code in my JQGrid. It always goes to status 302. (An FYI, I'm using stateless authentication in my spring security) :
loadBeforeSend: function(jqXHR) {
jqXHR.setRequestHeader("Authorization", CURRENT_AUTH_KEY);
},
beforeSend: function (request)
{
request.withCredentials = true;
request.setRequestHeader("Authorization", CURRENT_AUTH_KEY);
},
ajaxEditOptions: {
beforeSend: function(jqXHR) {
jqXHR.setRequestHeader("Authorization", CURRENT_AUTH_KEY);
}
},
ajaxGridOptions: { Authorization: CURRENT_AUTH_KEY } ,
I have double, triple, and quadruple checked that I have the right master key that I'm passing. My parameters are taking directly from the UA website also so it can't be that. Anyone see what I'm doing wrong here???
Parse.Cloud.define("sendPush", function(request, response) {
var Buffer = require('buffer').Buffer;
var parameters = {
"audience" : "all",
"device_types" : "all",
"notification" : {
"alert" : "Hello from Urban Airship."
}
};
var params = JSON.stringify(parameters);
Parse.Cloud.httpRequest({
url: "https://go.urbanairship.com/api/push/",
method: 'POST',
headers: {
"Content-Type" : "application/json",
"Authorization" : 'Basic ' + new Buffer('MASTER_KEY').toString('base64'),
"Accept" : "application/vnd.urbanairship+json; version=3;"
},
body: params,
success: function(httpResponse) {
response.error(httpResponse);
},
error: function(httpResponse) {
response.error('Request failed with response code ' + httpResponse.status);
}
});
});
I've also tried adding in APP_SECRET:
"Authorization" : 'Basic ' + new Buffer('APP_SECRET':'MASTER_KEY').toString('base64'),
It's not clear from your code sample if you are including the app key in your request. API requests to Urban Airship use HTTP basic authentication. The username portion is the application key and the password portion in this case is the master secret. The application secret is restricted to lower-security APIs and is for use in the distributed application. The master secret is needed for sending messages and other server API requests.
Urban Airship provides a guide for troubleshooting common API issues.
I had the same problem and tried to figure it out by Network diagnosing tools for more than two days. Because after debugging I checked that I send the right credentials to UA. After all I called the UA and ask them to check the Credentials (in my case was appKey and appToken for streaming with java-connect API) if they are still valid. They checked and approved the validation but just in case sent me a new credentials. And I could connect with the new credentials!
It is for sure a bug by UA because I tested the whole time by another test application, which was a Desktop java application and I could connect to the server (with the same appKey and appToken) and get the events, but I got 401 error in my main Application, which was a Web Application running on TomCat 8.0 . It means It worked in a same time in with the same credential for one application and did not work for another application.
I'm developing a django system and I need to create a chat service that was in real-time. For that I used node.js and socket.io.
In order to get some information from django to node I made some ajax calls that worked very nice when every address was localhost, but now that I have deployed the system to webfaction I started to get some errors.
The djando server is on a url like this: example.com and the node server is on chat.example.com. When I make a ajax get call to django I get this error on the browser:
XMLHttpRequest cannot load http://chat.example.com/socket.io/?EIO=3&transport=polling&t=1419374305014-4. Origin http://example.com is not allowed by Access-Control-Allow-Origin.
Probably I misunderstood some concept but I'm having a hard time figuring out which one.
The snippet where I think the problem is, is this one:
socket.on('id_change', function(eu){
sessionid = data['sessionid']
var options = {
host: 'http://www.example.com',
path: '/get_username/',
method: 'POST',
headers: {
'Content-Type': 'application/x-www-form-urlencoded',
'Content-Length': sessionid.length
}
}
var request = http.request(options, function(response) {
response.on('data', function(msg){
console.log('Received something')
if(response.statusCode == 200){
//do something here
}
}
})
})
request.write(sessionid);
request.end();
});
And I managed to serve socket.io.js and make connections to the node server, so this part of the setup is ok.
Thank you very much!
You're bumping into the cross origin resource sharing problem. See this post for more information: How does Access-Control-Allow-Origin header work?
I am NOT a Django coder at all, but from this reference page (https://docs.djangoproject.com/en/1.7/ref/request-response/#setting-header-fields) it looks like you need to do something like this in the appropriate place where you generate responses:
response = HttpResponse()
response['Access-Control-Allow-Origin'] = 'http://chat.example.com'