let res = await fetch(`https://placeholderurl/rest/api/2/issue`, {
method: "POST",
headers: {
"Authorization": "Basic ...",
"Content-Type": "application/json",
"X-Atlassian-Token" : "no-check"
},
body: JSON.stringify({
"fields": {
"project": {
"id": "1111111"
},
"summary": "haha",
"description": "aha",
"issuetype": {
"id": "111"
},
"priority": {
"id": "10011101"
}
}
})
})
let resJson: string = await res.text()
console.log(resJson)
When running this code in excelâs script, i get a XSRF check failure. GET requests work fine. Additionally, the POST request works fine when running from a local .ts file.
1 Like
Hi @JustinHu
Could you please share some more details like what response/error do you see on making the POST request, what browser and OS are you using and where exactly is the script running (You mentioned you are running this code in Excel)? Can you make sure âX-Atlassian-Tokenâ is indeed sent with the request and Excel is somehow not pruning headers?
Thanks.
The error I am getting is âXSRF check failureâ (403 failure on post)
@aagrawal2
The browser is Chrome, OS is Mac OS. The script Iâm running is the one I showed above. Excel has support for Typescript scripts.
Attached is a screenshot of the request headers as shown on chrome
I think this needs further investigation. Could you please raise this as a bug ticket from our developer help portal and we will look into it? -
Probably have similar problem when using Jira API Cloud from Electron - "X-Atlassian-Token" : "no-check" does not work, I have to change User-Agent.
How did you change it? When I try to manually set user-agent in my request, it doesnt override the default. I think most browsers have this as a security feature.
You cannot change User-Agent in the browser. Electron JS has session.setUserAgent which changes User-Agent in the main process only. (fetch in the browser process uses the changed User-Agent from the main process, then). So, this solution is possible in Electron JS only.
1 Like
