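Pitfall log (20250402): fixing the "403XSRF check failed" error from the Jira REST API
Cause
I have recently been writing some small Jira automation tools. GET requests all worked fine, but when I performed a workflow transition this came back: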
403XSRF check failed
After a lot of searching, I found that the official documentation describes this feature as follows:
A REST request is subject to origin CSRF checks if the following conditions are met:
1. the request is a POST request (the http verb is POST)
2. the request is from a known browser
3. the request is sending a content-type which is not one of the following
   - application/x-www-form-urlencoded
   - multipart/form-data
   - text/plain
   - empty or not specified
When an untrusted origin attempts to send a request that meets the conditions specified above it will be blocked and a log entry similar to the following should be present in your application’s log file:
2015-09-01 17:25:46.530585500 2015-09-01 07:25:46,530 ajp-nio-127.0.0.104-8009-exec-23 WARN anonymous 1045x1465x1 sibktb 127.0.0.1 /rest/auth/latest/session [c.a.p.r.c.security.jersey.XsrfResourceFilter] Additional XSRF checks failed for request: https://example.domain/rest/auth/latest/session , origin: https://another-origin.domain , referrer: null , credentials in request: true , allowed via CORS: false}}
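In plain terms: this happens when you submit a POST request to make a change. Jira considers your origin untrusted, so it refuses to let you modify data. A lot of the material I found says that adding the following request header bypasses the check: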
X-Atlassian-Token: no-check
In any case it did not work for me, and changing it to nocheck made no difference.
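To see on the server side why a request was rejected, the XsrfResourceFilter entry quoted above can be parsed into its fields and classified by whether the Origin was absent or simply different from the request URL. The following is an added example, not code from the original post or from Atlassian; the function names and the second and third log lines are constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Constructed sample: the entry quoted above, a constructed entry without an
# Origin header (DEMO-1 is a placeholder issue key), and an unrelated line.
SAMPLE_LOG = """\
2015-09-01 17:25:46.530585500 2015-09-01 07:25:46,530 ajp-nio-127.0.0.104-8009-exec-23 WARN anonymous 1045x1465x1 sibktb 127.0.0.1 /rest/auth/latest/session [c.a.p.r.c.security.jersey.XsrfResourceFilter] Additional XSRF checks failed for request: https://example.domain/rest/auth/latest/session , origin: https://another-origin.domain , referrer: null , credentials in request: true , allowed via CORS: false}}
2025-04-02 10:15:02,118 http-nio-8080-exec-7 WARN jdoe 615x2201x1 1k3m9z 10.0.0.5 /rest/api/2/issue/DEMO-1/transitions [c.a.p.r.c.security.jersey.XsrfResourceFilter] Additional XSRF checks failed for request: http://my.jira.com/rest/api/2/issue/DEMO-1/transitions , origin: null , referrer: null , credentials in request: true , allowed via CORS: false
2025-04-02 10:15:03,001 http-nio-8080-exec-8 INFO jdoe 615x2202x1 1k3m9z 10.0.0.5 /rest/api/2/issue/DEMO-1 [c.a.example.Unrelated] unrelated entry
"""

XSRF_RE = re.compile(
    r"XsrfResourceFilter\] Additional XSRF checks failed for request: (?P<request>\S+) ,"
    r" origin: (?P<origin>\S+) , referrer: (?P<referrer>\S+) ,"
    r" credentials in request: (?P<credentials>true|false) ,"
    r" allowed via CORS: (?P<cors>true|false)"
)


def site_of(url):
    """Return (scheme, host, port) for a URL, or None for 'null' or unparseable values."""
    parts = urlsplit(url)
    if not parts.scheme or not parts.hostname:
        return None
    port = parts.port or {"http": 80, "https": 443}.get(parts.scheme)
    return (parts.scheme, parts.hostname, port)


def parse_xsrf_failures(log_text):
    """Return one dict per blocked request, with a verdict comparing Origin to the request URL."""
    events = []
    for line in log_text.splitlines():
        m = XSRF_RE.search(line)
        if not m:
            continue  # not an XSRF filter entry
        ev = m.groupdict()
        ev["credentials"] = ev["credentials"] == "true"
        ev["cors"] = ev["cors"] == "true"
        target, origin = site_of(ev["request"]), site_of(ev["origin"])
        if origin is None:
            ev["verdict"] = "origin missing"
        elif origin == target:
            ev["verdict"] = "same origin"
        else:
            ev["verdict"] = "origin mismatch"
        events.append(ev)
    return events
```

The comparison covers scheme, host and port, so an entry whose Origin uses http while the request URL uses https is reported as a mismatch.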
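Solution
The solution is actually quite simple: since Jira does not trust your origin, specifying the Origin header lets the request through.
For example, if the Jira address is my.jira.com: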
request.header("Origin","http://my.jira.com");
With that, the code runs normally.
References
cross-site-request-forgery-csrf-protection-changes-in-atlassian-rest