HTML Macro for Confluence

v3.1 Fix for HTML Form Submissions

Version: v3.1.0

Release date:

This version fixes an issue where HTML forms inside the macro were unable to submit to external domains. This was caused by a recent Atlassian platform change enforcing a form-action 'self' Content Security Policy (CSP) directive, which blocks native form submissions to external URLs.

The app now intercepts form submissions and re-sends them via fetch(), which is not restricted by the form-action directive.

Requirement

Because the submission now travels as a fetch() request rather than a browser navigation, the target server must include the following CORS response header:

Access-Control-Allow-Origin: *

We have created an example server with a form:

https://nameless-fire-3e46.narva-software.workers.dev/

You can use this to test form submission from HTML Macro in Confluence.