Failed Requests on Fisheye Crucible Instance Behind Proxy: 'Additional XSRF Checks Failed' WARN messages

Related content

  • No related content found

Still need help?

The Atlassian Community is here for you.

Ask the community


Platform notice: Server and Data Center only. This article only applies to Atlassian products on the Server and Data Center platforms.

Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.

*Except Fisheye and Crucible

Summary

Performing actions like creating Application links, downloading Support Zips or even creating reviews fails with "Additional XSRF checks failed for request" messages logged on a Fisheye Crucible instance behind proxy.

Environment

All

Diagnosis

  • Check if user is accessing the Fisheye Crucible instance from behind a Proxy.

  • When doing any of the actions like Downloading Support Zips or creating Application Links, the request fails and "Additional XSRF checks failed" WARN message is logged in Server logs.


    Server logs:

    2023-11-05 10:47:18,700 WARN  [qtp2031951755-3011 url: /rest/analytics/1.0/publish/bulk; user: ******* ] com.atlassian.plugins.rest.common.security.jersey.XsrfResourceFilter XsrfResourceFilter-passesAdditionalBrowserChecks - Additional XSRF checks failed for request: http://instenv-**************.atl-test.space/rest/analytics/1.0/publish/bulk , origin: https://http://instenv-**************.atl-test.space , referrer: https://ihttp://instenv-**************.atl-test.space/plugins/servlet/troubleshooting/view/ , credentials in request: true , allowed via CORS: false
2023-11-05 10:47:41,486 WARN  [qtp2031951755-3011 url: /rest/troubleshooting/latest/support-zip/local; user: ******* ] com.atlassian.plugins.rest.common.security.jersey.XsrfResourceFilter XsrfResourceFilter-passesAdditionalBrowserChecks - Additional XSRF checks failed for request: http://instenv-**************.atl-test.space/rest/troubleshooting/latest/support-zip/local , origin: https://http://instenv-**************.atl-test.space , referrer: https://http://instenv-**************.atl-test.space/plugins/servlet/troubleshooting/view/ , credentials in request: true , allowed via CORS: false

Cause

  • This happens when the Proxy Settings are not properly configured on the Fisheye Crucible instance.

Solution

  • Configure the correct Proxy Settings on your Fisheye Crucible instance from "Admin → Global Settings → Server" as shown in below example.

    Kindly update the values as per your own environment.
  • Restart your Fisheye Crucible instance for the configuration to take effect.

  • After the restart the <web-server> directive in your config.yml should be updated to reflect the changes as shown in the below example.

    <web-server site-url="https://{{SiteURL}}">
        <http bind=":8060" proxy-host="{{proxy_url}}" proxy-port="443" proxy-scheme="https"/>
    </web-server>

Last modified on Dec 2, 2023

Was this helpful?

Yes
No
Provide feedback about this article

Related content

  • No related content found
Powered by Confluence and Scroll Viewport.