Error saving variable unexpected token error in Terraform Enterprise UI

Avatar
Daniela Lavric
  • Updated

Problem

When adding or updating a variable in the Terraform Enterprise UI, the operation fails with the following error message:

Error saving variable Unexpected token '<', "<html><hea"... is not valid JSON

The UI may display an error banner similar to the following images:

Error message in Terraform Enterprise UI showing "Unexpected token '<'"Variable creation dialog with the error message displayed

Prerequisites

  • A Terraform Enterprise instance.
  • A Web Application Firewall (WAF), proxy, or similar network security appliance is active in the environment.

Cause

This error occurs because a network security appliance, such as a WAF or proxy, is intercepting the API request from the browser to the Terraform Enterprise instance. Instead of allowing the request to be processed and receive a JSON response, the appliance blocks it and returns an HTML error page. The browser's JSON parser then fails when it tries to interpret the unexpected HTML content, resulting in the "Unexpected token '<'" error.

To confirm this, you can capture the browser's network traffic in a HAR file and inspect the response body for the failed request. The response will contain HTML, similar to this example:

"content": {
  "size": 267,
  "mimeType": "text/html",
  "compression": 0,
  "text": "<html><head><title>Request Rejected</title></head><body>Your request was rejected. Please contact Servicedesk, quoting <reference-number> and request ID: <id-of-the-issue><br><br><a href='javascript:history.back();'>[Go Back]</a></body></html>"
}

Note: The specific HTML response may differ depending on your environment's configuration. The key indicator of this issue is receiving an HTML response instead of the expected JSON, which suggests an external system like a WAF or proxy is intercepting and blocking the request.

Solution

To resolve this issue, you must adjust the configuration of the intervening network security appliance to allow traffic between the user's browser and the Terraform Enterprise instance.

  1. Provide the error details from the HAR file to your network or security team responsible for the WAF or proxy.

  2. Request that they create an exception or modify the existing rules to permit the API requests required by the Terraform Enterprise UI. The specific error message from the HTML response can help them identify the policy that is blocking the request. For example:

    Your request was rejected. Please contact Servicedesk, quoting <reference-number> and request ID: <id-of-the-issue>

Outcome

After your network or security team confirms that the necessary rules have been updated, you will be able to add and update variables in the Terraform Enterprise UI without encountering the error.

Additional Information

Articles in this section

Related articles