I have a service worker for sending web push notifications which is hosted on my server and configured with header 'service-worker-allowed: /' (you can see below).
When I am trying to host this script with App Proxy 'service-worker-allowed: /' header is removed from response (you can see below).
Last week I didn't have the issue because i was able to send web push notification with same configuration. Do you have any suggestions regarding how to solve this issue.
Solved! Go to the solution
I ran into something similar, in that my app proxy calls were missing header values that previously were honored. Started back on 18-Dec-2020. Not sure if there was some sort of change on Shopify's end, but it sure sounds like it. Maybe someone from Shopify can weigh in on this?
Not sure it is appreciated, but I have to ask anyway. Why use custom headers in the first place? You know Shopify strips cookies and other extraneous values, trying to ensure the Proxy is not a vector for anything nasty. So why not just send data to the Proxy endpoint, work on it, and return results, all without jamming something into the header.
Is there something you can do with a header you can't do with the data payload? What is the purpose where you can achieve something special?
for sending web push notifications you have to use service workers. Application it self does not require anything from headers. But if you want to use service worker in root scope you have to use this header.
for more details about service workers please refer
Shopify has sent us (and others who use the Service Worker framework) a note indicating that they will not support the Service Worker Header in the App Proxy. We (along with numerous other application developers in the community) are reaching out to the team there to see what the plan/status is. However - in the meantime I believe newly submitted App-Proxy apps the require the Service Worker will fail. I'd suggest opening a support ticket with the Shopify team as well.
HunkyBill why you are thinking such? What is problem working with service workers from your perspective? Some applications still has this custom header. Here is push owl service worker response headers.
Sounds like you will need to implement a "middleman" to receive the app proxy requests, massage the data into a format that your service worker will accept, then forward request that along, and finally take the service worker response and pass it back to the app proxy caller.
My scenario where I found the app proxy mechanism had changed was actually a fortunate one. I had mistakenly referenced the app proxy URL with the partner development shop's DNS name. This had worked for about a year and then failed. Due to CORS. I corrected my goof-up by correctly referencing the app proxy URL with the shop's DNS name that it was installed on. Which was the way I should've implemented it all along.
@yadiguzelthere is nothing about what push owl does that requires service workers. Everything that App offers is available through a regular call to a Proxy endpoint. So I see no point in arguing for these headers to be passed. I can see why Shopify would restrict that vector. So it is not like I have a problem with service workers, I am just commenting that I am NOT surprised Shopify does not allow them in the context of Proxy calls.