Getting a 403 when doing a POST to Jira Cloud API using proxy

Hi everyone! Forgive me if this has been solved; I’ve looked through every past related question I could find and was not able to get a working solution.

I’m building a small Figma plugin to allow users to create tickets in JIRA from Figma. Since Figma effectively runs as a browser-based application, following the advice of past questions on here I am doing the request through a proxy (Heroku), following the advice of the first answer in a Stack Overflow post (it won’t let me post the link; please see the first reply for the link to the post).

I’m using the following code and POST request to do this.

const basicAuth = buffer__WEBPACK_IMPORTED_MODULE_6__.Buffer.from(username + ':' + password).toString('base64');
// where password is the API token

const bodyData = `{
              "fields": {
                "summary": "Main order flow broken",
                "issuetype": {
                  "id": "10000"
                },
                "project": {
                  "id": "10000"
                },
                "customfield_10011" : "Test"
              }
            }`;

fetch(`https://fierce-spire-09192.herokuapp.com/https://${companyName}.atlassian.net/rest/api/3/issue`, {
  method: 'POST',
  headers: {
    'Authorization': `${basicAuth}`,
    'Accept': 'application/json',
    'Content-Type': 'application/json',
    'X-Atlassian-Token': 'nocheck'
  },
  body: bodyData
})

However, I’m getting the following error when I make the request.

POST https://fierce-spire-09192.herokuapp.com/https://flighthealthtest.atlassian.net.    /rest/api/3/issue 403 (Forbidden)
Response: 403 Forbidden
XSRF check failed

When I try the non-proxied URL (removing the heroku app URL from the beginning) in Postman and make the same POST request, it works perfectly. When I use the proxied URL in Postman, it does not work, and produces:

“Missing required request header. Must specify one of: origin,x-requested-with”.

Does anyone have ideas as to how I can resolve this? Thanks so much!

Here’s the Stack Overflow link I referenced: javascript - Trying to use fetch and pass in mode: no-cors - Stack Overflow
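
Added example, not part of the original post and not Atlassian or Figma code: the request-preparation step of a self-hosted relay that accepts the same `/https://<site>.atlassian.net/...` path form used above, forwards only to Jira Cloud REST v3 on a tenant host, does not pass browser-originated headers upstream, and sets `Authorization` with the `Basic ` scheme prefix defined in RFC 7617. The function names, the allowlist patterns and the sample values are assumptions made for illustration; in a deployment the credentials would come from server-side configuration rather than from the plugin.

```javascript
// Added example: request preparation for a self-hosted relay (hypothetical names).
const ALLOWED_HOST = /^[a-z0-9-]+\.atlassian\.net$/; // tenant sites only
const ALLOWED_PATH = /^\/rest\/api\/3\//;            // REST v3 endpoints only
// Headers supplied by the browser client that the relay does not forward.
const DROP = new Set(['origin', 'referer', 'cookie', 'user-agent', 'authorization', 'host']);

// Parse the "/https://<site>/<path>" form and validate the upstream target.
function parseTarget(proxyPath) {
  let url;
  try {
    url = new URL(proxyPath.replace(/^\//, ''));
  } catch {
    return { ok: false, reason: 'target is not a valid URL' };
  }
  if (url.protocol !== 'https:' || url.username || url.password || url.port) {
    return { ok: false, reason: 'target must be plain https without userinfo or port' };
  }
  if (!ALLOWED_HOST.test(url.hostname)) return { ok: false, reason: 'host not allowed' };
  if (!ALLOWED_PATH.test(url.pathname)) return { ok: false, reason: 'path not allowed' };
  return { ok: true, url: url.href };
}

// Build the upstream URL and headers; creds are held by the relay, never by the client.
function buildUpstreamRequest(proxyPath, clientHeaders, creds) {
  const target = parseTarget(proxyPath);
  if (!target.ok) return target;
  const headers = {};
  for (const [name, value] of Object.entries(clientHeaders)) {
    const key = name.toLowerCase();
    if (!DROP.has(key)) headers[key] = value;
  }
  // RFC 7617: the scheme name "Basic", one space, then base64("user-id:password").
  const encoded = Buffer.from(`${creds.email}:${creds.apiToken}`).toString('base64');
  headers['authorization'] = `Basic ${encoded}`;
  return { ok: true, url: target.url, headers };
}

// Constructed sample input (not real credentials or a real tenant).
const sample = buildUpstreamRequest(
  '/https://example-tenant.atlassian.net/rest/api/3/issue',
  { 'Origin': 'https://www.figma.com', 'Content-Type': 'application/json' },
  { email: 'user@example.com', apiToken: 'constructed-token' }
);
console.log(sample.ok, sample.url, Object.keys(sample.headers));
```

Restricting the target host and path keeps the relay from acting as an open proxy, which matters because every request it forwards carries the Jira API token.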