Import Automation as JSON fails with an Unknown error in Jira Data Center

Summary

When attempting to import an automation as JSON in Jira, the following error message appears in the browser:

"An unknown error has occurred. Please reload the page and try again."

In the browser's network logs, an HTTP 403 error code is logged with the response "XSRF check failed".

Environment

Jira 10.3.13 (LTS)

Root cause

The problem only occurs when Jira is accessed via load balancer/reverse proxy <base-url>. The issue does not occur if a single node of Jira is accessed directly, bypassing the load balancer/reverse proxy.

The server receives requests from the same origin, as the form page and the form submission are from the same origin; thus, the XSRF HTTP header matches. However, for the XSRF check to succeed, the form token and cookie token sent to the server must match. The problem occurs because modern web browsers (beginning Chrome 80+) do not accept the atlassian.xsrf.cookie initially sent by the server in an iframe as it is treated as cross-site and is therefore rejected.

Solution

Add header to proxy/load balancer

The following workaround will disable XSRF checks for the Automation Import Call.

Modify the reverse proxy / load balancer / WAF to add the following header to the request as it makes its way to the Jira node: