Skip to main content

Hi, hope this is the right place to feed back with an api bug report.
I think there's possible a bug with https://developers.miro.com/reference/update-board
Boards updates but for some reason server returns internal error, maybe my request is incorrect.
I’ve attached request and response logs without bearer token.

Thanks for the support,
Vasily

Request:
Method: PATCH, RequestUri: 'https://api.miro.com/v2/boards/uXjVPMm5xU4%3d', Version: 1.1, Content: System.Net.Http.StringContent, Headers:
{
  Accept: application/json
  Authorization: Bearer 
  Content-Type: application/json
}
{"description":"some new description","name":"Test","policy":{"permissionsPolicy":{"collaborationToolsStartAccess":"all_editors","copyAccess":"anyone","sharingAccess":"team_members_with_editing_rights"},"sharingPolicy":{"access":"view","inviteToAccountAndBoardLinkAccess":"viewer","organizationAccess":"private","teamAccess":"edit"}},"teamId":"3458764536059967553"}

Response:
StatusCode: 500, ReasonPhrase: 'Server Error', Version: 1.1, Content: System.Net.Http.HttpConnectionResponseContent, Headers:
{
  Connection: keep-alive
  Date: Mon, 17 Oct 2022 15:33:54 GMT
  Server: nginx
  Set-Cookie: AWSALBTG=Je+KRn7KvSyKTrrVjaNKjjzbnni5AND2g6VL9oa8CgnpkHbdrcN/F1TTklTk0VzbgafZJTWmdbyNIcw3vgw1QdhezUO9Ts57j5EWCQMRyN6PrD+DOE5QQvpqAyLHJI4wdMPey6dHi7RrIqvP71bzGScwu1keW5iJ4G13DYq+tuHw; Expires=Mon, 24 Oct 2022 15:33:54 GMT; Path=/
  Set-Cookie: AWSALBTGCORS=Je+KRn7KvSyKTrrVjaNKjjzbnni5AND2g6VL9oa8CgnpkHbdrcN/F1TTklTk0VzbgafZJTWmdbyNIcw3vgw1QdhezUO9Ts57j5EWCQMRyN6PrD+DOE5QQvpqAyLHJI4wdMPey6dHi7RrIqvP71bzGScwu1keW5iJ4G13DYq+tuHw; Expires=Mon, 24 Oct 2022 15:33:54 GMT; Path=/; SameSite=None; Secure
  Vary: Origin
  Vary: Access-Control-Request-Method
  Vary: Access-Control-Request-Headers
  Content-Security-Policy: default-src 'self'
  Referrer-Policy: no-referrer
  X-RateLimit-Limit: 100000
  X-RateLimit-Remaining: 99850
  X-RateLimit-Reset: 1666020888
  X-Request-ID: c7bf290c-b5ad-4d0e-a258-80168ceb432f
  X-Content-Type-Options: nosniff
  X-XSS-Protection: 1; mode=block
  Cache-Control: private, no-cache, no-store, no-transform, max-age=0, must-revalidate, proxy-revalidate
  Pragma: no-cache
  X-Frame-Options: DENY
  Strict-Transport-Security: max-age=31536000
  X-Cache: Error from cloudfront
  Via: 1.1 6c183700546a331def0de99cb43d1574.cloudfront.net (CloudFront)
  X-Amz-Cf-Pop: HEL50-C2
  X-Amz-Cf-Id: ytrtTPrLfQuXwfIi4hBFS_TETCX1doqJylTratr1M1UoKbEAt-smbQ==
  Content-Type: application/json
  Content-Length: 154
  Expires: 0
}
{
  "type" : "error",
  "code" : "4.0003",
  "context" : {
    "boardId" : "uXjVPMm5xU4="
  },
  "message" : "Internal error occurred",
  "status" : 500
}

Hi @gitbleidd, can you try removing the teamID parameter from the request. If you’re not moving the board to a different team then this parameter should not be in the request.

Yes, that fixed it. Thanks!

# From hackerOne
print('Searching for XSS')

x

<h1>XSS</h1>

 

Reply


Terms & Conditions