One of our customers reported that they can’t create new components within “component versions page”. I could not reproduce the problem in my development environment and we have arranged a Webex meeting.
Customer demonstrated the problem and I had change to investigate both server and browser logs. There was no error in atlassian-jira.log file and I have checked browser’s logs. Interestingly POST request was running successfully but a following GET request was failing. When a new component is created, URL of the newly created component is returned with “location” header of HTTP 204 response.
Browser’s log was displaying “Mixed Content Blocked” error for GET request. It turned out that, customer had configured SSL recently. SSL was terminated on reverse proxy and Jira itself was working on http. Since jira is itself configured with http it was generating location header with http. JavaScript side of application was trying to fetch newly created resource using the location header of previous HTTP 204 Created response and failing because browser is not allowing http request inside an https page.
Using location header inside HTTP 201 (Created) response has widespread usage. There is a special reverse proxy configuration for this, proxy redirect. When this option is correctly specified reverse proxy will rewrite URLS in location header and there will not be any problem. Reverse proxy may also be configured to redirect all http requests to https automatically.