0

I am trying to develop a D3 visualisation project for our JIRA boards, but I've fallen at the first hurdle. I'm having trouble authenticating and getting a list of JIRA boards.

This code is entirely client-side and is in Angular 2 RC 3. My service looks like this:

public authenticate( username:string, password:string ):void {
    let encodedAuth:string = window.btoa( `${username}:${password}` );
    this.headers = new Headers();
    this.headers.append( 'Content-Type', 'application/json' );
    this.headers.append( 'Authorization', `Basic ${encodedAuth}` );
}

public getAllBoards():Observable<Boards> {
    return this.http.get( `http://${this.host}/rest/agile/1.0/board`, this.headers )
        .map( response => response.json() as Boards )
}

and the code in my component looks like this:

constructor( protected jiraService:JIRAService ) {
    this.jiraService.authenticate('me@you.com', 'password');
    this.jiraService.getAllBoards().subscribe(
        boards => this.boards = boards
    );
}

Unfortunately, this generates what looks like a CORS error in my browser:

XMLHttpRequest cannot load https://myjira.atlassian.net/rest/agile/1.0/board. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'null' is therefore not allowed access. The response had HTTP status code 401.

...which is a little unexpected. This same URL in the browser works fine. Examining the request in Charles I see the error "SSL Proxying not enabled for this host: enable in Proxy Settings, SSL locations", but cannot actually find this setting. I don't care if I can't see it in Charles actually, I just want to get it working!

I have tried several of the npm JIRA packages but none of them are remarkable and seem to be designed for server-side development.

Any help greatly appreciated.

serlingpa
  • 12,024
  • 24
  • 80
  • 130
  • When I was working with WebAPI, I would get this kind of CORS error if the server returned 500. You said the same URL is working on browser, did you use some tool like Postman to add custom headers, or just normal browser window? – Harry Ninh Jun 23 '16 at 14:07
  • I used both Postman and a direct URL in the browser. – serlingpa Jun 23 '16 at 19:09

1 Answers1

0

You get this error when you access it from within an application that was initially loaded from a different URL. If you load a new page from this "other" URL then this is not a CORS situation because the initial page load is already from this URL.

The server need to provide the expected CORS headers for the browser to allow this request. This is not an Angular issue but only a server issue.

Workarounds are

  • JSONP (doesn't support custom headers)
  • provide support server-side where your Angular application calls to your server which then forwards to the other server and then forwards the response it gets to your Angular application.
Günter Zöchbauer
  • 623,577
  • 216
  • 2,003
  • 1,567