-
Type:
Bug
-
Resolution: Fixed
-
Priority:
Low
-
Component/s: Forge - App UI Web
-
Severity 3 - Minor
-
Pollinator tests
-
S
Issue Summary:
When a Forge developer wants their app to open a URL with a custom scheme (for example - `someone@example.com
`, `vscode://some.url/`, `spotify:track:abcd`), the required manifest changes should be:
// manifest.yml modules: ... resources: ... permissions: external: fetch: client: - 'customscheme:*'
If an app developer adds the above permissions block to their app, there is unintended behaviour in Jira Forge app installations.
Steps to Reproduce
- Create and install a Forge app into a Confluence module as well as a Jira module
- Enable custom scheme egress in the Forge app's manifest.yml (see code block above)
- Create a button in the Forge app that redirects the app user to a URL with the allowed custom scheme
- Attempt to interact with the app in the Jira module
Example app code that performs the above behaviour can be found here: ECO-1055.zip
Expected Results
The app user should be able to egress to a URL with a custom scheme, according to behaviour outlined in ECORFC-482 (internal document). The egress behaviour should be consistent across both Jira and Confluence.
Actual Results
The app user is able to egress to a URL with a custom scheme in Confluence. In Confluence, the behaviour aligns with ECORFC-482.
The app user is sometimes able to egress to a URL with a custom scheme in Jira. In Jirar, the behaviour does not align with ECORFC-482.
Workaround
The app developer may have to have some variation on the manifest.yml entry, for example:
// manifest.yml modules: ... resources: ... permissions: external: fetch: client: - address: 'customscheme://' # this does not align with ECORFC-482, may result in unexpected behaviour - address: 'customscheme:\\' # this aligns with ECORFC-482
- blocks
-
ECOHELP-85119 Loading...