-
Type:
Bug
-
Resolution: Timed out
-
Priority:
Low
-
Component/s: Ecosystem
-
1
-
Severity 3 - Minor
Summary
When using HTTP request method OPTION for JIRA REST end points request, instead of returning 'Content-Type: application/json' it returns 'Content-Type: text/html' in the REST response which causes cross-origin read blocking (CORB) to certain REST clients.
Investigation Done
soramaru@Soramaru-PC:~$ curl -D- -u vchin@atlassian.com:<API_KEY> -X OPTIONS -H "Content-Type: application/json" https://zaansmeisje.atlassian.net/rest/api/3/issue/AT1-4 HTTP/1.1 204 Server: Atlassian Proxy/1.13.6.2 Content-Type: text/html;charset=UTF-8 Strict-Transport-Security: max-age=315360000; includeSubDomains; preload Date: Fri, 21 Dec 2018 14:10:22 GMT ATL-TraceId: f827cbf8ce11d20b X-AACCOUNTID: 557057%3Add697c0d-6cc7-429e-b8a1-4ccab4c19347 X-AREQUESTID: 8ed45740-71fd-46ca-850d-72449fe10da1 X-XSS-Protection: 1; mode=block Timing-Allow-Origin: * ATL-TCS-Time: 0 X-AUSERNAME: 557057%3Add697c0d-6cc7-429e-b8a1-4ccab4c19347 X-Content-Type-Options: nosniff Connection: keep-alive Set-Cookie: atlassian.xsrf.token=B9CT-DT45-MJ4N-MURT_ea9b5844075560a8901c2e657ad17d5d0621841b_lin; Path=/; Secure Allow: OPTIONS,HEAD,DELETE,GET,PUT
Notice that the 'Content-Type' is 'text/html'
Expected Behavior
When OPTIONS is used, content-type is returned as 'application/json'.
Current Behavior
When OPTIONS is used, content-type is returned as 'text/html'.