Missing issue type avatar from remote issue link in Jira

Platform Notice: Data Center Only - This article only applies to Atlassian products on the Data Center platform.

Note that this KB was created for the Data Center version of the product. Data Center KBs for non-Data-Center-specific features may also work for Server versions of the product, however they have not been tested. Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.

*Except Fisheye and Crucible

Summary

When using mixed protocols (HTTP and HTTPS) between two different Jira Instances, the avatar icon for the issue type from a remote link is not downloaded from the HTTP Jira instance as it is considered insecure content by Chrome.

Steps to reproduce

  • Jira instance 1 using HTTPS

  • Another Jira instance 2 using HTTP

  • Configure Application Link between both Jira Instances

  • Edit one issue on Jira instance 1 (HTTPS) and add a remote issue link to Jira Instance 2 (HTTP)

What is observed

  • The Avatar icon from the remote issue is not downloaded when using Chrome browser, but it is correctly presented when using Firefox

  • When editing the same linked issue on Jira instance 2 (HTTP), we can see correctly the avatar from the remote issue from Instance 1 (HTTPS).

What was expected

  • Remote link showing the link with the Avatar icon for the issue type

Environment

Jira Core 8.x

Chrome 89.x

Firefox 87.0 (64-bit)

Diagnosis

  • Application Link is correctly configured ✔️

  • Remote Issue links are working properly. It is possible to click over the link and the remote issue is correctly opened at the Browser ✔️

  • Issue from Jira Instance running on HTTP, with a remote link to an issue from Jira Instance running on HTTPS: The avatar of the remote issue type is downloaded ✔️

(Auto-migrated image: description temporarily unavailable)

  • Issue from Jira Instance running on HTTPS, with a remote link to an issue from Jira Instance running on HTTP: The avatar of the remote issue type is not downloaded

(Auto-migrated image: description temporarily unavailable)

  • Har file shows that the Avatar icon of the remote issue type was not downloaded

(Auto-migrated image: description temporarily unavailable)

Cause

Chrome blocks insecure content by default.

Solution

Enforce SSL on both Jira instances

However, if it is not possible to make the other Jira secure, using HTTPS, then you can follow the next steps to allow insecure content:

It is not a good idea to allow mixed content ( SSL + non SSL ) as doing so increases several security risks!

  • Click over the lock - It may show a "Not Secure" message as it contains mixed content (HTTP and HTTPS) to expand the browser options for this site. Select "Site Settings".

    (Auto-migrated image: description temporarily unavailable)

  • Change the "Insecure Content" from "Block" to "Allow" and refresh the Jira tab.

(Auto-migrated image: description temporarily unavailable)
Updated on April 2, 2025
Platform
Data Center only
Product
Jira Software Data Center
On this pageSummaryDiagnosisCauseSolution

Still need help?

The Atlassian Community is here for you.
Ask the Community