Rate this page:
Connect apps extend Jira and Confluence by adding a custom iframe into the products' web pages. This iframe instance is on a different domain or hostname from the parent page and so is a sandboxed environment. The browser's same origin policy applies to this sandboxed environment, meaning that:
As a result, for example, a Jira Connect app would be unable to make any changes to a ticket or a Confluence Connect app made any changes to a Confluence page.
Window.postMessage()method that safely enables cross-origin communication between Window objects, such as, between a page and an iframe embedded within it.
An app can generate multiple iframes in a page in the target application. These iframes may need to share information.
all.js, provides a publish/subscribe mechanism
to exchange data between iframes.
A common scenario where an app presents multiple iframes in a page is where a web panel or other page element spawns a dialog box.
The only restriction on the data shared in this manner is that it must be serializable using the structured clone algorithm.
For more information see the event API.
This library establishes the cross-domain messaging bridge with its parent. It also provides several methods and objects that you use in your pages without making a trip back to your app server.
You add the
all.js script to your pages to establish the cross-domain messaging bridge with the
If you're using the atlassian-connect-express client library to build your app, this script is inserted into your pages at run time.
Don't download the
all.js file and serve it up from your app server directly. The
must be served up by Atlassian for the cross-domain messaging bridge to be established.
all.js file is only intended for use in an iframe inside an Atlassian product and does not work
for standalone web pages.
passed using the
<script src="https://connect-cdn.atl-paas.net/all.js" data-options="option1:value;option2:value"></script>
If you're using requirejs or another dynamic script loader, use an element with an ID of
ac-iframe-options in place of a script tag.
<div id="ac-iframe-options" data-options="option1:value;option2:value"></div>
The following options are supported:
|You can deactivate the automatic resizing by setting |
You can view an uncompressed version of the
all-debug.js, for example:
<script src="https://connect-cdn.atl-paas.net/all.js"></script> <!-- replace with --> <script src="https://connect-cdn.atl-paas.net/all-debug.js"></script>
all.js errors available to scripts running in your iframe (for example, front end monitoring
such as Sentry or New Relic), make a CORS request:
<script src="https://connect-cdn.atl-paas.net/all.js" crossorigin="anonymous"></script>
URL query parameters are encoded as
This converts spaces to
A simple way to handle this is to convert
%20 before decoding. A utility function
is provided for this purpose. For example:
Rate this page: