Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Using Issue Collector of a HTTPS server in an HTTP Server throws an error in Edge

Bertrand Delaitre
Bertrand Delaitre May 16, 2022

Hi,

 

We are using Jira 7.13.8 Server, Microsoft Edge Version 100.0.1185.57 and Firefox 100.0.

We have two servers:

  • one uses HTTP,
  • the other HTTPS.

 

If I create an Issue Collector on both servers and integrate them in an HTTP server, I don't have the same behavior on EDGE.

  • With HTTP one, everything works fine
  • With HTTPS one,, I've got the error "We noticed that you have third-party cookies disabled in your browser, we need this enabled to correctly submit your information."

No problem with Firefox.

 

After checking Edge parameters, I have seen than third-party cookies are enabled. So I can't understand the error message.

 

Any help or idea of what I can check in Edge wille be appreciated.

Answer
Watch
Like Be the first to like this
625 views

1 answer

0 votes
Andy Rusnak
Andy Rusnak
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
May 17, 2022
Hi Bertrand,

I am sorry to hear about the issue you are running into on Microsoft Edge using the Issue Collector. I wonder if you might be running into JRASERVER-70494. Although it is interesting that you are only seeing in Edge and not other browsers which in theory should have the same setting. But it is possible to have it set differently between browsers.  It may also be a combination of other settings in the Edge browser causing issues, but I think this at least a place to start.  

Would you be able to capture the developer tools console from the Edge browser when recreating the issue? I am curious to see if you see the warning noted in that Bug (starts with: "A cookie associated with a cross-site resource at <URL> was set without the `SameSite` attribute.").

You can also check in Edge to see if the SameSite setting is enabled via:

1. Type in browser bar
edge://flags
2. In the search bar of that window type "cookie"
3. Find the "SameSite by default cookies" and confirm if it is enabled or disabled

Best,
Andy
View More Comments
Bertrand Delaitre
Bertrand Delaitre May 18, 2022

2022-05-18 14_29_39-Essai de soumission de ticket dans TEST_SLO et 4 pages de plus - Travail – Micro.png

Like
Bertrand Delaitre
Bertrand Delaitre May 18, 2022

Thanks for your answer.

 

Nothing about cookies in console. And edge://flags is forbidden by our IT.

Additionnal informations :

call to HTTP issue collector from HTTP server works

call to HTTPS issue collector from HTTPS server works

call to HTTP issue collector from HTTPS server doesn't works (can't call HTTP from HTTPS normal behavior)

call to HTTPS issue collector from HTTP server works gives me a cookie error even with third-party cookies enabled

 

Quiet sure this is a configuration of EDGE, but can't find which one...

Like
Andy Rusnak
Andy Rusnak
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
May 18, 2022

Thanks Bertrand!  So that rules out the Jira Bug that I posted then.  So I agree that it is some type of an Edge setting.  One thing that I am a little confused on, when you note the server and the issue collector, the server is referring to what?  Is that the server that hosting the application that contains the issue collector?  

So in the case of a web site for example, you have a site that requires HTTPs (that is the HTTPs server you are referring to) and then you have a site that does not (and that is the HTTP server you are referring to). 

Then the Issue Collector is the Issue Collector snippet that points to a Jira server, and there too you have one that requires HTTP and one that does not.  I just want to make sure I am understanding that correctly.  

Best, 

Andy

Like
Andy Rusnak
Andy Rusnak
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
May 18, 2022

Also, another thing we can look at, since Chrome is working, we might be able to inspect the cookies themselves that are stored on the browser.  If you load the developer tools up when you launch the Issue Collector, within the Application tab of the developer tools you can expand cookies and see what cookies are stored for both Chrome (where it works) and Edge (where it doesn't).  Seeing the difference in cookies might also help us to understand what could be triggering that warning.  

Best, 

Andy

Like
Bertrand Delaitre
Bertrand Delaitre May 18, 2022

You're right. We have two web servers (HTTP and HTTPS) and two jira instances (one HTTP, one HTTPS).

When using the HTTP web server to access HTTPS Issue Collector, I have differences for cookies :

  • In EDGE, where I have the message, I've no cookie at all
  • In Firefox (where it works), I've a atlassian.xsrf.token cookie for the Jira server
Like
Andy Rusnak
Andy Rusnak
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
May 19, 2022

Thanks Bertrand.  That makes sense now why you are seeing that then.  The xsrf token being missing would trigger that message from Jira. The fact the cookie gets set in Firefox would indicate that the server is attempting to push it down, its just a matter of determining why Edge isn't storing it.  

I am not necessarily an expert in Edge, I know it leverages the Chromium foundation, which is also what Chrome uses.  So it is interesting that Chrome is working, but Edge isn't.  Firefox uses a completely different foundation so that isn't necessarily surprising it would behave differently.  But the bottom line is determining why that cookie isn't getting stored.  

When you noted that third-party cookies are enabled, was that a global or site level within Edge?  I believe there is a way to enable third-party cookies globally and also at the site level, and I think the site level would override the global setting.  So I am curious if maybe there is a site specific setting that is preventing that cookie from getting stored.  

Are there any other cookies you see getting stored in Edge for that interaction?

Best,

Andy

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
DEPLOYMENT TYPE
SERVER
VERSION
7.13.8
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Terms Security
    Welcome illustration

    Welcome to the new Atlassian Community

    Online forums and learning are now in one easy-to-use experience.

    By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.