Link to a Confluence page with a special character is failing
Platform notice: Server and Data Center only. This article only applies to Atlassian products on the Server and Data Center platforms.
Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.
*Except Fisheye and Crucible
In this article we are discussing the example of JIRA and Confluence and the character ':', but the same issue can occur between any two applications and with any special character.
Problem
Trying to link a Confluence page to a JIRA issue (or to any other application) where the Confluence page contains a special character (eg ':') fails with the error : "No Confluence page found with the given URL".
Steps to reproduce :
- Navigate to JIRA issue > More > Link > Confluence page
- Search for a Confluence page with a special character. For example ':'
- The page is searchable but when clicking on "Link" the following error is displayed.
Diagnosis
Environment
- JIRA and Confluence are hosted behind the reverse proxy.
Diagnostic Steps
- Issue is not reproducible after bypassing the proxy
- With proxy, looking closer, there is also a difference in the url displayed in Confluence from the one displayed in JIRA for the same page.
- In JIRA : User is able to see the URL : https://xxxx.com/confluence/display/AAA/AAAA+2015%3A+Q2
- In Confluence : The URL generated on mouse hover on the PAGE TREE is : https://xxxx.com/confluence/display/AAA/AAAA+2015:+Q2
The following error is displayed in Confluence logs:
2017-03-01 09:33:17,977 WARN [http-nio-8082-exec-23] [oauth.serviceprovider.internal.AuthenticatorImpl] logOAuthProblem Problem encountered authenticating OAuth client for url "https://xxxx.com/confluence/display/AAA/AAAA+2015:+Q2", error was "signature_invalid", with parameters "{oauth_problem=signature_invalid, oauth_signature=xOAIBqODL66ZOHlTHYCnf5Uh0HWCF1FLPujjblWUVAfs6u3V4V3qQwNxUg6JddNQDFbBLqKYfonwIfI1Sp9RRqtbhDsdhJC3kTSC2++b5oUja1BJ59YrnyAhxP/OBJT9ePcru3V9C8P9Pq9tVIKX7HJaTQKeU3DSqWDo1ZvSZB8=, oauth_signature_base_string=GET&https%3A%2F%2Fxxx.com%2Fconfluence%2Fdisplay%2FBPP%2FTest%2BConfluence%2BLinking%2Bwith%2B%3A%2BJira%2BIssues&oauth_consumer_key%3Djira%253A11124560%26oauth_nonce%3D44427251144970311%26oauth_signature_method%3DRSA-SHA1%26oauth_timestamp%3D1488360797%26oauth_token%3D%26oauth_version%3D1.0%26xoauth_requestor_id%3Ddkum83, oauth_signature_method=RSA-SHA1}"
Cause
When JIRA searches for the page, Confluence is sending the url with '%3A' to JIRA. However at the time of adding the page link, JIRA proxy is encoding '%3A' to ':' and sending it back to Confluence. At this moment, Confluence sees that the request url was modified and hence fails with the 'signature_invalid' error.
This same problem does not arise when you manually change the url to add the colon ':' in the url. This is because proxy does not interfere with this url at this point. So Confluence receives this url as is. So the link is approved.
Workaround
Replace %3A to use colon (:) in JIRA right before pressing "Link"
Resolution
We are taking Apache httpd as an example here :
Use the 'nocanon' parameter in the proxy configuration as it suppresses the special character conversion in the url.
Reference : https://httpd.apache.org/docs/2.4/mod/mod_proxy.html
Description: Maps remote servers into the local server URL-space Syntax: ProxyPass [path] !|url [key=value [key=value ...]] [nocanon] [interpolate] [noquery
ProxyPass /jira http://127.0.0.1:8080/jira nocanon
Context : https://www.silverdisc.co.uk//blog/2009/02/28/url-canonicalisation-and-normalisation
Example of a Url proxied by httpd :
Without using nocanon : http://xxxxx/jira/browse/DRX-1+:
Using nocanon : http://xxxxx//jira/browse/DRX-1+%3A