This article is specific to Jira and Confluence Cloud API Integrations and clients such as Java, Python, Curl, NodeJS, Axios, atlassian-connect-express etc. Not browsers.
If you see the following error in your browser, please contact support and provide the full text of the error including any Request ID.
To improve performance and address constantly evolving threats on the web, Atlassian is enabling AWS Cloudfront Content Delivery Network (CDN) and Web Application Firewall (WAF) for all Confluence and Jira Cloud Customers.
This rollout will occur over the next few months, country by country, progressively, with each country taking around 1-2 weeks to complete the migration.
This improvement may unfortunately impact some Jira and Confluence Cloud API integrations (like those written in Python, Node/JS, Java, libcurl, Axios, atlassian-connect-express etc) that are accidentally including a body/data/payload in GET requests.
Where previously Jira and Confluence Cloud APIs simply discarded any body included with a HTTP GET request and continued to process the request as normal, AWS Cloudfront will actively reject such requests:
If a viewer
GETrequest includes a body, CloudFront returns an HTTP status code 403 (Forbidden) to the viewer.
HTTP clients (other than browsers) that attempt to include a body with a GET request will observe a HTTP 403 response code, with text like the following:
403 ERROR
The request could not be satisfied.
Request blocked. We can't connect to the server for this app or website at this time. There might be too much traffic or a configuration error. Try again later, or contact the app or website owner. If you provide content to customers through CloudFront, you can find steps to troubleshoot and help prevent this error by reviewing the CloudFront documentation.
Generated by cloudfront (CloudFront)
Request ID: L23_HKTRmXpYbGS8c9dcwq-Zy5fx3_a7htuNzMlvJE6rW814efVx2h==
Unfortunately, it is not possible to configure Cloudfront to preserve the existing soft-discard behavior which previously allowed these malformed requests to be successful.
To resolve the issue ensure that your HTTP client code for your API integration does not include any body with its GET requests. These are never necessary and were previously discarded.
We have found that some developers are not even aware their program or script is including a body with a GET, and the most common body payloads are as follows:
{}
""
''
If you observed the aforementioned error in your browser then the underlying cause is different, as browsers do not send GET requests with a body.
Please contact Atlassian Support, and ideally include the full text of the error, including Trace ID, and a HAR file covering the error: https://confluence.atlassian.com/kb/generating-har-files-and-analyzing-web-requests-720420612.html
 
 bmcalary
11 comments