Uploaded image for project: 'Bitbucket Server'
  1. Bitbucket Server
  2. BSERV-12619

Adding projects to smart mirror using different domain results in "Failed to add projects" error




      Issue Summary

      When using Google Chrome to add projects to a mirror that is hosted on a different domain, the project add fails with the error:

      "Failed to add projects. Some projects could not be added. Please refresh the page and try again."

      Steps to Reproduce

      1. Set up a Bitbucket Data Center instance hosted on mybitbucket.com
      2. Set up a smart mirror hosted on mybitbucketmirror.com, and register it with the above upstream Bitbucket instance
      3. Navigate to the mirror's configuration under Admin > Mirrors > Click mirror name
      4. Search for and then attempt to add a project to be synchronized to the mirror

      Expected Results

      The project is added without issue.

      Actual Results

      The following error is thrown:

      "Failed to add projects. Some projects could not be added. Please refresh the page and try again."

      Reviewing the call to https://mybitbucketmirror.com/rest/mirroring/latest/upstreamServers/<upstreamServerID>/settings/projects in the developer console shows the following payload returned alongside a 401 Unauthorized HTTP status code:

        "errors": [
            "context": null,
            "message": "You are not permitted to access this resource",
            "exceptionName": "com.atlassian.bitbucket.AuthorisationException"

      Lastly, in the JavaScript console the following warning can be found:

      A cookie associated with a cross-site resource at https://mybitbucketmirrror.com/ was set without the `SameSite` attribute. 
      It has been blocked, as Chrome now only delivers cookies with cross-site requests if they are set with `SameSite=None` and `Secure`. 
      You can review cookies in developer tools under Application>Storage>Cookies and see more details at https://www.chromestatus.com/feature/5088147346030592 and https://www.chromestatus.com/feature/5633521622188032.


      Navigate to "chrome://flags/#same-site-by-default-cookies" (or chrome://flags/#schemeful-same-site) within Google Chrome and then set the behavior there to 'Disabled'. Then proceed to restart Google Chrome ("chrome://restart") and attempt to add a project to the mirror.

      Other information on this error alongside suggested workaround steps can be found in this knowledge article.


          Issue Links



              Unassigned Unassigned
              eslaughter@atlassian.com Evan Slaughter
              4 Vote for this issue
              14 Start watching this issue



                  Backbone Issue Sync