Privacy flaw with Shopify App Proxy

New Member
1 0 1
The shopify store front app proxy is exposing URLs. If you visit the shopify store url without https:// or include a trailing slash in the URL, then instead of acting as a proxy shopify turns into a redirect and redirects to the proxy URL revealing the underlying website and opening that open to the public.

An example: will load correctly. will expose the underlying url of the proxy will expose the underlying url of the proxy
This is a HUGE security flaw because ANYONE can see ANYONE's Proxy URL just by changing https:// to http://
Here is another forum post about the same issue that no one responded too...
Shopify can you please fix this...