Description of problem: We(Portal Case Management) team has a requirement to allow linking bugzillas to support cases via the customer portal. Since the bugzilla cookie is only allowed for bugzilla.redhat.com, the customer portal has no access to this cookie and every JSON-RPC call to bugzilla is therefore unauthorized. Further details are in this Jira: https://projects.engineering.redhat.com/browse/UNIFIED-696
Will this be taken care of by Bug 1238761
No, we need to be able to make CORS requests only by using the cookie of already logged in user to bugzilla. This is unrelated to BZ 1238761.
The upcoming Bugzilla 5.0 no longer supports cookie-based authentication in the API. We expect to begin preparations for upgrading to 5.0 shortly after the current Bugzilla hardware upgrade project is completed. Another solution is going to be needed.
As stated above, cookies won't be supports for RPC in Bugzilla 5.0, so this issue cannot be addressed in the requested manner.