Details
-
Bug
-
Resolution: Fixed
-
Medium
-
1.0, 1.0.1
Description
When an application link is established between Stash and another Atlassian product that is hosted on a different domain, the Outgoing Authentication panel fails to appear on the application link configuration page within the linked product. For example: suppose Stash has an application link with JIRA, and that Stash and JIRA are hosted on different domains; the Outgoing Authentication panel won't appear in JIRA.
For now, the work-around is to visit Stash, and view the Incoming Authentication panel, which corresponds to the Outgoing Authentication panel in JIRA.
The problem seems to result from Stash setting the X-Frame-Options:SAMEORIGIN header on the HTTP response. That header prevents Stash pages from being embedded in IFrames that are from a different host.