React integration
For React apps,BridgeHostProvider is the recommended path: wrap your iframe-rendering subtree, track the iframe element in state, and use hooks to interact with the bridge.
Using BridgeHostProvider
BridgeHost once iframe transitions from null to a real element. Children using the hooks see host come online at that point.
Reading bridge state in components
useBridgeHost() returns the current BridgeHost, or null while the iframe isnβt attached. Use it to read observable state and call imperative methods.
host.receivedMessages and host.pendingRequests are arrays, not observables. They mutate in place as messages arrive β React will not re-render the badge component unless something else triggers a render. For reactive UI, subscribe to events via useBridgeHostEvent or to errors via useBridgeHostError, and lift state to your own components.Listening for events
Subscribe to specific event actions emitted by the journey usinguseBridgeHostEvent:
useCallback) prevent re-subscription on every render.
Surfacing errors
Subscribe to internal SDK errors withuseBridgeHostError and lift to React state if you need to render them:
Dynamic journey URLs
Two patterns for changing journey URLs. Pattern A β Updateiframe.src (preserves the BridgeHost):
allowedOrigins snapshot still applies β both URLs must share an origin already in the allowlist.
Pattern B β Remount the provider (rebuilds the host with fresh config):
key discards the existing host (calls detach) and rebuilds with the new config. Use this when allowedOrigins, hostVersion, or capabilities need to change at runtime.
Multiple iframes on one page
EachBridgeHostProvider is independent and owns its own BridgeHost. Use this pattern when you have two side-by-side journeys, or when you split capture flows into separate iframes.
Framework-agnostic integration
If youβre not using React, instantiateBridgeHost directly from the core @gbg/go-bridge-web package.
Vanilla JavaScript
host.detach() when the iframe is removed or the screen unmounts to release the window message listener.
Vue 3 (Composition API)
Angular
Svelte
Server-side rendering (Next.js, Remix, SvelteKit)
BridgeHost requires window, MessageEvent, and DOM access β none of which exist on the server. The SDK must run client-side only.
Next.js (App Router)
Mark the journey component with"use client" and let it render only on the client:
@gbg/go-core server-side), and only the journey URL crosses to the client.
Next.js (Pages Router) and other SSR frameworks
If you canβt mark a component as client-only, gate the bridge setup on auseEffect so it never runs during server render:
<ClientOnly> in Nuxt, onMount in SvelteKit).
Lifecycle considerations
BridgeHostProvider handles most of this for you in React. For non-React hosts, you own the lifecycle. Either way, these rules apply.
Set up handlers before the journey requests them
If a request arrives before its handler is registered, it goes topendingRequests. The journey will be left waiting (or time out) until you respond manually via host.respond(...). Register handlers before the iframe loads β in React, mount the handler components inside the provider; in vanilla JS, call registerHandler immediately after new BridgeHost(...).
Detach when the iframe is removed
Callhost.detach() (or unmount the provider) when the iframe goes away. Failing to detach leaves the window message listener attached and the BridgeHost instance reachable from a closure β a small leak that compounds across navigation.
Config snapshot at attach time
BridgeHostProvider snapshots allowedOrigins, hostVersion, and capabilities when the underlying host is built. To apply runtime changes:
- Use a
key-based remount to discard and rebuild. - For capabilities specifically, use
host.registerCustomCapability(id, version, handler)viauseBridgeHost()β it adds to the effective capability map at runtime without rebuilding the host.
iframe.src and outbound message timing
HostIframeChannel resolves targetOrigin from iframe.src at send time. If iframe.src is empty when you call host.sendEvent(...) or host.respond(...), the outbound is dropped with a console.warn. In React this is normally automatic (the iframe renders with src set). In vanilla JS, set iframe.src before the first outbound send.
Next steps
- Messaging β Send events, handle requests, and observe the message flow.
- Capability Handling β Declare capabilities, register handlers, and handle dynamic capability state.
- Security β CSP, origin allowlist, transport, and token exchange.
- API Reference β Detailed reference for
BridgeHostProvider, hooks, andBridgeHost.