We are preparing to port an existing CEP panel to UXP but there are some concerns around dealing with network security. Our panel typically accesses HTTP and file stream resources which are on the customer’s network - as it exists the UXP only seems to allow access to domains which are explicitly whitelisted in the manifest. For applications in on-premises or VPC in environments using customer-specific domains, having to include all possible customer domains in the manifest that every customer receives would represent both a privacy and security concern.
I am curious if there is a suggested means to work around this or a way to disable the domain name whitelist requirement for certain operations? Something like an approve / reject dialog for initial requests to unknown domains like how Mac OS handles new security requests could be useful. A couple of other ways I could see making this work would be to use a “dummy domain” in all customer environments that would have the same top-level domain, or to generate a separate customer-specific manifest and installer for each customer, but neither of these are elegant or efficient solutions.