I noticed that recently (2018-01-22?) Jira stopped sending the referrer header when calling cloud add-ons. For example, when my add-on page is at https://acme.atlassian.net/plugins/servlet/ac/my-page?foo=bar, the URL used to be included in the “referer” HTTP header when calling the connect add-on.
Is this an intentional change or a new bug? How can the server get the host URL, with query params etc?
It looks like the connect iframe are including referrerpolicy=“no-referrer” which would do it. That said - I wouldn’t depend on the referer header for any data though since they can be faked (it doesn’t have a jwt query string on it) and they can be disabled depending on the browser.
You should be able to send the data that you want down through the context parameters (and thus can trust them) and/or fetch them through the AP bridge on the client side.
As server side fix we use custom context parameters However they are available for page modules only. For webpanels you could use some hack with AP.getLocation
Konrad, did you manage to get this working? I’ve got the same issue as you. Given the url in your example, what values did you use in your atlassian-connect.json file? i’ve tried both ?foo={foo} and ?foo={ac.foo} and the key / value never seems to appear in my req.context server side.