-
Bug
-
Resolution: Fixed
-
Highest
-
8.9.0, 8.5.7, 8.8.1, 8.5.8
-
33
-
Severity 2 - Major
-
507
-
Issue Summary
Knowledge base article cannot be displayed on the customer portal when JSM is integrated with Confluence 8.5.7+. When attempting to preview a Knowledge Base article you receive an error message in the iframe popup "<confluence site URL> refused to connect":
Environment:
- Any JSM Data Center version
- Confluence Data Center on 8.5.7 or any higher version
Note
This issue only happens when Confluence is on 8.5.7.
More information about the root cause in the KB article: https://confluence.atlassian.com/jirakb/kb-preview-is-failing-with-a-refused-to-frame-site-because-an-ancestor-violates-the-following-content-security-policy-directive-frame-ancestors-self-error-in-browser-s-console-1388151291.html
Steps to Reproduce
- Integrate JSM with Confluence to provide Customers with a knowledge base
- Go to the customer portal and search for any KB article
- Click on the article to open it in an iFrame on the customer portal
Expected Results
The article should be displayed:
Actual Results
The article is not displayed and we receive an error message in the iframe popup "<confluence site URL> refused to connect":
Workaround
- Set the below JVM parameters (on all nodes if you are using multi-node DataCenter cluster) to add the below argument to your setting for allowing only the Jira host to view Confluence content in an iFrame (please change <JIRA hostname> with yours before applying configuration.); - See Configuring System Properties for more on setting System Properties.
- If Jira is not running as a service and the JVM parameters are configured in the setenv.sh or the setenv.bat file, please add the row below:
CATALINA_OPTS="-Dhttp.header.security.content.security.policy.value=\"frame-ancestors 'self' <JIRA hostname>\" ${CATALINA_OPTS}"
- If Jira is not running as a service and the JVM parameters are configured in the setenv.sh or the setenv.bat file, please add the row below:
– If Jira is running as a Windows service, then you will need to add the Java Option below (without double quotes):
-Dhttp.header.security.content.security.policy.value=frame-ancestors 'self' <JIRA hostname>
- Perform a rolling restart of Confluence
A fix for this issue is available in Confluence Data Center 9.0.1.
Upgrade now or check out the Release Notes to see what other issues are resolved.