Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
jira rest api generates 426 error
#1
I have a delphi app that uploads attachments directly to JIRA.  However, it is failing with a HTTP error of 426.

I'm at a loss as to what isn't set correctly and needs to be 'upgraded'.

Any ideas how to move forward?
Thanks




ssl.method := sslvSSLv23;
ssl.SSLOptions.SSLVersions := [sslvTLSv1, sslvTLSv1_1, sslvTLSv1_2];

output:

IdSSLIOHandlerSocketOpenSSL1Status:Resolving hostname xxxxxx-sandbox-603.atlassian.net.
IdSSLIOHandlerSocketOpenSSL1Status:Connecting to 104.192.142.19.
IdSSLIOHandlerSocketOpenSSL1StatusInfo:SSL status: "before/connect initialization"
IdSSLIOHandlerSocketOpenSSL1StatusInfoEx:before/connect initialization
IdSSLIOHandlerSocketOpenSSL1StatusInfo:SSL status: "before/connect initialization"
IdSSLIOHandlerSocketOpenSSL1StatusInfoEx:before/connect initialization
IdSSLIOHandlerSocketOpenSSL1StatusInfo:SSL status: "SSLv2/v3 write client hello A"
IdSSLIOHandlerSocketOpenSSL1StatusInfoEx:SSLv2/v3 write client hello A
IdSSLIOHandlerSocketOpenSSL1StatusInfo:SSL status: "SSLv3 read server hello A"
IdSSLIOHandlerSocketOpenSSL1StatusInfoEx:SSLv3 read server hello A
IdSSLIOHandlerSocketOpenSSL1StatusInfo:SSL status: "SSLv3 read server certificate A"
IdSSLIOHandlerSocketOpenSSL1StatusInfoEx:SSLv3 read server certificate A
IdSSLIOHandlerSocketOpenSSL1StatusInfo:SSL status: "SSLv3 read server key exchange A"
IdSSLIOHandlerSocketOpenSSL1StatusInfoEx:SSLv3 read server key exchange A
IdSSLIOHandlerSocketOpenSSL1StatusInfo:SSL status: "SSLv3 read server done A"
IdSSLIOHandlerSocketOpenSSL1StatusInfoEx:SSLv3 read server done A
IdSSLIOHandlerSocketOpenSSL1StatusInfo:SSL status: "SSLv3 write client key exchange A"
IdSSLIOHandlerSocketOpenSSL1StatusInfoEx:SSLv3 write client key exchange A
IdSSLIOHandlerSocketOpenSSL1StatusInfo:SSL status: "SSLv3 write change cipher spec A"
IdSSLIOHandlerSocketOpenSSL1StatusInfoEx:SSLv3 write change cipher spec A
IdSSLIOHandlerSocketOpenSSL1StatusInfo:SSL status: "SSLv3 write finished A"
IdSSLIOHandlerSocketOpenSSL1StatusInfoEx:SSLv3 write finished A
IdSSLIOHandlerSocketOpenSSL1StatusInfo:SSL status: "SSLv3 flush data"
IdSSLIOHandlerSocketOpenSSL1StatusInfoEx:SSLv3 flush data
IdSSLIOHandlerSocketOpenSSL1StatusInfo:SSL status: "SSLv3 read server session ticket A"
IdSSLIOHandlerSocketOpenSSL1StatusInfoEx:SSLv3 read server session ticket A
IdSSLIOHandlerSocketOpenSSL1StatusInfo:SSL status: "SSLv3 read finished A"
IdSSLIOHandlerSocketOpenSSL1StatusInfoEx:SSLv3 read finished A
IdSSLIOHandlerSocketOpenSSL1StatusInfo:SSL status: "SSL negotiation finished successfully"
IdSSLIOHandlerSocketOpenSSL1StatusInfoEx:SSL negotiation finished successfully
IdSSLIOHandlerSocketOpenSSL1StatusInfo:SSL status: "SSL negotiation finished successfully"
IdSSLIOHandlerSocketOpenSSL1StatusInfoEx:SSL negotiation finished successfully
IdSSLIOHandlerSocketOpenSSL1StatusInfo:Cipher: name = ECDHE-ECDSA-AES128-GCM-SHA256; description = ECDHE-ECDSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH    Au=ECDSA Enc=AESGCM(128) Mac=AEAD
; bits = 128; version = TLSv1/SSLv3;
lHTTPStatus:Connected.
lHTTPConnected
lHTTPWorkBegin:4011
lHTTPWork:4011
lHTTPWorkEnd:1
lHTTPHeadersAvailable
lHTTPStatusBig Grinisconnecting.
lHTTPDisconnected
lHTTPStatusBig Grinisconnected.
exception:HTTP/1.1 426 Upgrade Required
Reply
#2
(06-06-2022, 08:11 PM)pohukai Wrote: I'm at a loss as to what isn't set correctly and needs to be 'upgraded'.

What does your code look like? What does the actual HTTP request look like? Does Jira's HTTP response include an "Upgrade" header? It should be telling you what the server wants you to upgrade to.

Reply
#3
(06-07-2022, 12:16 AM)rlebeau Wrote:
(06-06-2022, 08:11 PM)pohukai Wrote: I'm at a loss as to what isn't set correctly and needs to be 'upgraded'.

What does your code look like?  What does the actual HTTP request look like?  Does Jira's HTTP response include an "Upgrade" header? It should be telling you what the server wants you to upgrade to.

Here is the method call, where I pass the URL and a filename, including the path.

function TfrmJiraAttachment.upload(aUrl: string; aFileName : string) : boolean;
var
  mpStream : TIdMultiPartFormDataStream;
  RespStr  : String;
begin

  (*
  According to atlassian's documentations:

  TLS version 1.2 (or higher) is required for all
  Atlassian products and services.

  TLS version 1.1 and lower is unsupported.

  Any version of SSL is unsupported.

  https://support.atlassian.com/security-a...-products/
  *)

  mpStream := TIdMultipartFormDataStream.Create;
  HTTP.Request.CustomHeaders.AddValue('X-Atlassian-Token', 'nocheck');
  mpStream.AddFile('file', aFileName);
  Http.ProtocolVersion := pv1_1;

  ssl.SSLOptions.Method      := sslvTLSv1_2;
  ssl.SSLOptions.SSLVersions := [sslvTLSv1_2];
  HTTP.Request.ContentType  := 'multipart/form-data';
  try
  RespStr := HTTP.Post( aUrl, mpStream);

  Result := true;
  log.Lines.Add ('success!' );
  except

  on e: exception do
    begin
      log.Lines.Add ('exception:' + e.Message);
    
    end;

  end;
  mpStream.Free;
end;


This is what is in the raw response header:
Access-Control-Allowed-Origin: *
Vary: Accept-Encoding
Date: Tue, 07 Jun 2022 18:31:30 GMT
Server: globaledge-envoy
Connection: close
Content-Length: 0
Reply
#4
I resolved the issue by setting http.HTTPOptions := [hoKeepOrigProtocol]. This prevents INDY from momentarily switching back the http.ProtocolVersion to pv1_0 and then switching back. Apparently, Atlassian always needed pv1_1. Too bad they didn't provide a clue in their headers Sad
Reply
#5
It would be great if they did
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)