[XPORTER-3540] Xporter is not getting Atlassian CSRF Token - Xblend Issue Tracker

Xporter

XML

Word

Printable

Details

Type: Bug
Status: Closed
Priority: Critical
Resolution: Fixed
Affects Version/s: 6.6.0
Fix Version/s: 6.6.2
Component/s: Security
Labels:
None

Sprint:
JIRAXPORTER 2020 Sprint 2
Requirement Status:
OK
- 1

Description

Xporter is not getting Atlassian CSRF Token.

Steps to reproduce the error:

Install the newest version of Xporter
Configure Tomcat to use HttpOnly session ID cookies
Open the browser console
Application tab
Check if Atlassian.xsrf.token has httpOnly checked
Access Search for Issues screen
Try to load the Xporter dialog

Steps to configure the httpOnly on every cookie:

https://confluence.atlassian.com/jira064/preventing-security-attacks-720412500.html#PreventingSecurityAttacks-ConfiguringTomcattouseHttpOnlySessionIDCookies

Attachments

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

Application cookies.png
30/Oct/20 3:16 PM
92 kB
Andre Fernandes Rodrigues
Xporter function.png
30/Oct/20 3:16 PM
11 kB
Andre Fernandes Rodrigues

Activity

People

Assignee:: Rui Rodrigues

Reporter:: Andre Fernandes Rodrigues

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Dates

Created:: 30/Oct/20 3:14 PM

Updated:: 30/Oct/24 8:50 AM

Resolved:: 04/Nov/20 10:17 AM

Time Tracking

Estimated:

Not Specified

Remaining:

0m

Logged:

1d 1h