0

my frameworks:

  • python backend fastapi
  • javascript frontend next.js

using this fetch:

const response = await fetch("UrlToPythonBackend", {
            method: "POST",
            mode: "no-cors", // changing this option in my tries
            headers: {
                "Content-Type": "application/json",
                "X-Atlassian-Token": "no-check",
                "Target": "https://DomainWichWorks100%Fine.atlassian.net/rest/api/2/issue",
                Authorization: 'Basic MyTokenWichWorks100%FineTrustMe',
            },
            body: JSON.stringify({
                test: "Test"
            }),
            redirect: 'follow'
        })

using this backend:

from fastapi import FastAPI
from fastapi import Body, Header, Request, HTTPException
from typing import Annotated
import requests
import json
from fastapi_cors import CORS
from fastapi.middleware.cors import CORSMiddleware
from pydantic import BaseModel

app = FastAPI()

app.add_middleware(
    CORSMiddleware,
    allow_origins=["*"],
    allow_credentials=True,
    allow_methods=["*"],  # or specify methods like ["GET", "POST"]
    allow_headers=["*"],  # or specify headers like ["Content-Type", "Authorization"]
)


@app.post("/proxy")
async def proxyPost(request: Request, body = Body(), target: str = Header(alias="Target")):
    """
    Proxies the POST request to the specified target URL.

    Args:
        request (Request): The incoming request object.
        body (dict): The request body as a dictionary.
        target (str): The target URL to proxy the request to.

    Returns:
        dict: The JSON response from the target URL.
    """
    print(f"Request Body: {body}")


    headers = {key: value for key, value in request.headers.items() if key.lower() != 'host'}


    load = str(body)
    load = load.replace("'", "\"")

    response = requests.post(target, json=load, headers=headers)
    try:
        response_json = response.json()
    except:
        response_json = response.text
    return response_json

    #response = requests.post(target, json=body, headers=headers)
    #response_json = response.json()

Short: getting the 422 Unprocessable Entity HTTPError

Detailed: I've tried to deploy the backend on a server but then i'm getting with cors the XSRF check error and with no-cors the Unprocessable Entity Error

Using the Backend Localhost (changed the mode of the fetch to cors), everything works fine except the jira api. On localhost i'm getting XSRF check failed even though im using the solution Jira provided: X-Atlassian-Token: no-check

Improve this question
2
  • no-cors makes little sense, if you want those additional headers X-Atlassian-Token and Target to be sent - because no-cors limits you to sending only CORS-safelisted headers, and these do not belong to those. Commented Jun 21, 2024 at 8:50
  • Targetheader is for the backend proxy to handle the redirect Commented Jun 21, 2024 at 13:43

1 Answer 1

Reset to default
0

solved my problem by adding these two headers in my backend now its working.

headers['Accept'] = '/' headers['User-Agent'] = 'curl/7.64.1'

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.