I am currently developing an app, but there's still something not going right after the app has been authorized.
Store url: https://devstore-31.myshopify.com
I have used the following url format for authenticating the app in my test-store, since it is still in development, changed the shopname & api key credentials to match my app settings:
Developing locally (localhost:8888):
the loading bar at the top of the page stops almost at the end, and in my console log i get the following messages:
Log: JSON Parse error: Unexpected identifier "tic"
Error messaging: [Report Only] Refused to load frame 'http://localhost:8888/...×tamp=1451414311' because it violates the following Content Security Policy directive: "frame-src 'self' https: blob: data:".
Unrecognized Content-Security-Policy directive 'frame-ancestors'.
the app can't even authorize, It gets stuck while loading in the address bar, so not even the authorization screen is shown.
It shows the same logs/errors as stated above, or this could well be errors generated on the initial load, because the page is stuck while loading.
I have read and tried multiple threads and questions on the shopify forum, stackoverflow, blogs and it seems that more app developers are facing this issue. It must have something to do with the iframe not loading, or to be more specific the x-frame-options header that is set to deny. Is there any workaround to send this header via php? I have no access to the apache configuration files, or php.ini to change these settings server-side.
or is there any "hack" to make this work locally to begin with, so I can get back to developing the app.
Has anyone faced this issue before and can help me with this?
Any thoughts are much appreciated to get this app working.
Attached you find a screenshot with the loading bar almost fully loaded.