XSRF 检查失败 jQuery (Jira)
XSRF check failed with jQuery (Jira)
我正在尝试创建一个问题,但 returns "XSRF check failed" 错误。
我正在使用以下代码:
$.ajax({
async: true,
crossDomain: true,
url: 'https://testejiraloupen.atlassian.net/rest/api/2/issue',
method: 'POST',
headers: {
'Authorization': 'Basic ' + btoa('email:pass'),
'Content-Type': 'application/json',
/*'X-Atlassian-Token': 'nocache',*/
'Access-Control-Allow-Origin': '*',
'Access-Control-Alow-Methods': 'POST, GET, PUT, OPTIONS, DELETE',
'Access-Control-Max-Age': '3600',
'Access-Control-Allow-Headers': 'x-requested-with, content-type'
},
processData: false,
data: JSON.stringify(issue),
success: function(data) {
console.log('Issue created. Id >>> ' + data.id);
}, error: function(err) {
console.log(err);
}
});
谁能帮我解决这个问题?
这似乎是 Atlassian 的一个已知问题,由您的请求发送的用户代理引起。
它在他们的知识库中:"REST API calls with a browser User-Agent header may fail CSRF checks",cf https://confluence.atlassian.com/jirakb/rest-api-calls-with-a-browser-user-agent-header-may-fail-csrf-checks-802591455.html
另一个讨论帖在这里:https://community.atlassian.com/t5/Jira-questions/Jira-7-rest-api-XSRF-check-failed-for-post-issue-with/qaq-p/488706
总结:"Overwrite the User-Agent String with some dummy value, and it will work"
我在休息 api 时使用了以下 header 电话并且它有效。
X-Atlassian-Token: no-check
这是另一个关于 From 令牌处理的 wiki:https://confluence.atlassian.com/display/JIRA043/Form+Token+Handling?_ga=2.108983109.653657921.1530909405-1000252910.1505150128
对我有帮助:
Resolution: Since REST API doesn't require a User-Agent header, removing the header works.
我正在尝试创建一个问题,但 returns "XSRF check failed" 错误。 我正在使用以下代码:
$.ajax({
async: true,
crossDomain: true,
url: 'https://testejiraloupen.atlassian.net/rest/api/2/issue',
method: 'POST',
headers: {
'Authorization': 'Basic ' + btoa('email:pass'),
'Content-Type': 'application/json',
/*'X-Atlassian-Token': 'nocache',*/
'Access-Control-Allow-Origin': '*',
'Access-Control-Alow-Methods': 'POST, GET, PUT, OPTIONS, DELETE',
'Access-Control-Max-Age': '3600',
'Access-Control-Allow-Headers': 'x-requested-with, content-type'
},
processData: false,
data: JSON.stringify(issue),
success: function(data) {
console.log('Issue created. Id >>> ' + data.id);
}, error: function(err) {
console.log(err);
}
});
谁能帮我解决这个问题?
这似乎是 Atlassian 的一个已知问题,由您的请求发送的用户代理引起。
它在他们的知识库中:"REST API calls with a browser User-Agent header may fail CSRF checks",cf https://confluence.atlassian.com/jirakb/rest-api-calls-with-a-browser-user-agent-header-may-fail-csrf-checks-802591455.html
另一个讨论帖在这里:https://community.atlassian.com/t5/Jira-questions/Jira-7-rest-api-XSRF-check-failed-for-post-issue-with/qaq-p/488706 总结:"Overwrite the User-Agent String with some dummy value, and it will work"
我在休息 api 时使用了以下 header 电话并且它有效。 X-Atlassian-Token: no-check
这是另一个关于 From 令牌处理的 wiki:https://confluence.atlassian.com/display/JIRA043/Form+Token+Handling?_ga=2.108983109.653657921.1530909405-1000252910.1505150128
对我有帮助:
Resolution: Since REST API doesn't require a User-Agent header, removing the header works.