We’re migrating one of our Connect macros to Forge. The Forge macro is using Custom UI with React, and needs to call our Connect backend.
Here is a sample code of our React based UI:
import { requestRemote } from '@forge/bridge';
useEffect(() => {
requestRemote('/api/v2/something');
}, [])
Since Custom UI is hosted inside Forge iframe using atlassian(-dev).net domain, we whitelist those domains in our CORS check, and everything is good. But if a customer is using custom domain (aka displayUrl in Connect), then the preflight request will come from that custom domain without any additional information, forcing us to whitelist everything (*).
I know we can get displayUrl from Connect lifecycle event and persist the value somewhere, but Connect lifecycle event is going away, and the Forge lifecycle event does not have displayUrl equivalence. Does anyone know of anyway we can get displayUrl other than in the Connect payload?