App url with a port bug?

Highlighted
Shopify Partner
2 0 0

Hi everybody,

I'm developing an app and I ran into a bug. If I enter the app url with a port, I get the error message:

 

Refused to frame 'https://xyz:5001/' because it violates the following Content Security Policy directive: "frame-src app.myshopify.io *.shopifyapps.com *.myshopify.io *.myshopify.com https://* shopify-pos://*".


But after updating the app several times in the browser, the error message disappears again.
If I enter the App Url without a port, I don't get the error message at all.

 

I need to set a port for the app url, because I have running several services on my server. Is there a solution for this?

 

Thanks a lot

 

0 Likes
Highlighted
Shopify Staff
Shopify Staff
1555 81 282

At the moment it looks like the CSP directive is a host source as https://* which means that we're not specifying allowed ports/port ranges, which means the only explicitly allowed port is the default. I'm not certain why it started working for you after refreshing a few times, if I'm understanding you correctly.

 

We don't see any reason not to allow you to specify ports at the moment, so we're going to explore the idea of updating that CSP directive soon.

 

I'll keep this thread updated.

4 Likes
Highlighted
Shopify Partner
2 0 1

Is this problem solved? I also encountered an inaccessible port that is not accessible

0 Likes
Highlighted
Shopify Partner
2 0 0

That would interest me, too. At the moment we use heroku and in the long run it becomes unnecessarily expensive.

0 Likes
Highlighted
New Member
1 0 0

Hi Alex,

It is the end of Feb 2020 and the issue is still not resolved. Any chance it would be fixed any time soon?

0 Likes