Mitigating CORS Errors With Custom Jira REST API Endpoints
If you dive into the world of REST requests and APIs, you may encounter a CORS error that prevents your request from completing. CORS stands for Cross-Origin Resource Sharing. Same-origin is a security feature in browsers that prevents requests coming from one place (origin) to access resources in a different domain. CORS allows web pages to access resources on a different network by providing a standard for safely allowing cross-origin requests.
Let’s talk about the example that I encountered. I wrote a JavaScript macro for Confluence Server, and I was trying to access a third-party API using that macro. However, Confluence macros run in the browser when the page loads, rather than running on the back-end Confluence server itself. Thus, while the Confluence server may be set up to address CORS, your browser almost certainly is not, and the request gets blocked.
We can address this by creating a custom REST API endpoint in Confluence (or Jira). In this way, we have the server making the request to the third party API, and the macro makes the request to the internal API.
In other words, the custom REST API endpoint acts