Uploaded image for project: 'Jira Align'
  1. Jira Align
  2. JIRAALIGN-3711

Saving a workitem with a code snippet in the description throws a 403 error by Cloudflare

XMLWordPrintable

      Issue Summary

      Saving a workitem with a SQL code (or other languages) in the description (or any free text field) throws a 403 error by Cloudflare WAF.

      Steps to Reproduce

      1. Create an Epic, Story or feature on Jira with a SQL statement in the description field (or any other piece of code)
        • Example: add this line on the Jira description <scrip>alert("Test")</script>
      2. Let it sync to JA
      3. Try to edit the Feature or Story on JA

      Expected Results

      To have the workitem saved, since the data that came from Jira was neither blocked during the input nor during the sync.

      Actual Results

      The UI throws a 'Forbidden resource can't be accessed' error, and the HAR file indicates the blockage with a 403 error from Cloudflare.

      Workaround

      The user needs to remove the SQL code (and other languages) from the free-text fields.

        1. image-2021-10-19-16-21-57-101.png
          image-2021-10-19-16-21-57-101.png
          26 kB

              fea1a6ef3355 Yannick Genin
              c1060921cc3a Enio Marques Junior (Inactive)
              Votes:
              31 Vote for this issue
              Watchers:
              67 Start watching this issue

                Created:
                Updated:
                Resolved: