Insight widget not loading graph in Confluence
Platform notice: Server and Data Center only. This article only applies to Atlassian products on the Server and Data Center platforms.
Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.
*Except Fisheye and Crucible
Problem
The content of the Insight widget is not showing
Diagnosis
Environment
This happens on Jira integrated with Confluence and each on different domain. For example, https://myjira.com and https://myconfluence.com.
Diagnostic Steps
If you bring up the browser's developer tools and switch to the Console tab, there are errors as shown in the screenshot above.
Refused to frame '<Jira_base_URL>' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self'". Failed to load resource: the server responded with a status of 401 ()
Cause
There are security headers blocking the widget content to be loaded as explained here - Security Headers in Jira
Resolution
Following this KB about security headers in Jira, one of the solutions is to exclude some paths. Here are the steps and the list of paths to be excluded specifically for this issue.
- Follow Setting properties and options on startup to determine the file to be edited.
- These paths shall be excluded for the widget content to be loaded. There's also an example of how the argument looks like in setenv.bat or setenv.sh.
- /rest/gadgets/1.0/
- /rest/insight/1.0/
/rest/insight-widgets/
JVM_SUPPORT_RECOMMENDED_ARGS="-Dcom.atlassian.jira.clickjacking.protection.exclude=/rest/gadgets/1.0/,/rest/insight/1.0/,/rest/insight-widgets/"
- Restart Jira for the changes to be applied.
- Refresh the Confluence page to load the widget once Jira is back online.