-
Suggestion
-
Resolution: Unresolved
-
None
When using the REST API to retrieve a Jira issue, if the issue has attachments the REST API response includes them in `content` and `thumbnail` attributes in the form:
- https://<instance>.atlassian.net/rest/api/3/attachment/content/<id>
- https://<instance>.atlassian.net/rest/api/3/attachment/thumbnail/<id>
If you a Forge Custom UI application attempts to load these images then it will fail a permission check.
In order to load the image it is necessary to update the Forge application manifest to include:
permissions:
external:
images:
- "https://api.media.atlassian.com/*"
Given that the api.media.atlassian.com is an Atlassian domain it should be possible to include this in the CSP by default to avoid the need to set this permission.
- is related to
-
- Closed
- is blocked by
-
EXT-1589 Failed to load
- split from
-
ECOHELP-29241 Failed to load
[ECO-88] https://api.media.atlassian.com should to be added to the Forge Custom UI CSP
| Remote Link | Original: This issue links to "EXT-1589 (Jira)" [ 838464 ] | New: This issue links to "EXT-1589 (Ecosystem Platform)" [ 838464 ] |
| Remote Link | Original: This issue links to "ECOHELP-29241 (Ecosystem Jira)" [ 838397 ] | New: This issue links to "ECOHELP-29241 (Ecosystem JIRA)" [ 838397 ] |
| Link |
New:
This issue is related to |
| Remote Link | New: This issue links to "EXT-1589 (Jira)" [ 838464 ] |
| Remote Link | New: This issue links to "ECOHELP-29241 (Ecosystem Jira)" [ 838397 ] |