App development: handle "install app (no iframe)" and "open app (with iframe)"

Alex973 · ‎04-20-2020

I'm developing a Shopify App for a customer (php + react-scripts), the App was rejected because the install does not redirect to OAuth (at the time I was returning Javascript which escaped from the possible iframe and redirected to OAuth, it works with the "test app with a shop" from the Partners admin page and opening the application from the shop admin page).

The problem I've is that the http request that I receive for the "install" and the request for the "open application from the shop admin page" are the same, the only difference I noticed, the "open" adds a variable "session "in the query string.

I need to distinguish if the request is "install" or "open" because in the second case the App is executed within the iframe and if I redirect directly I receive a Content-Security-Policy error in Firefox, an X-Frame-Options deny in Chrome, Safari does not show the App (the redirect is blocked). My understanding is, if it is an "open" I should instead go back to the Javascript that escapes from the iframe and then redirects to OAuth (as shown in the examples of Getting Started with App Bridge).

I have searched the documentation and the Community forum but have not yet found an "official" reference to this "session" variable or how to recognize and handle if I am installing or opening the application.

Can I use the "session" variable to distinguish or are there other better/"official" solutions?

Thanks in advance

App development: handle "install app (no iframe)" and "open app (with iframe)"

shopify email after installing email apps

Product customizer app

T-shirt

my new store wont connect to facebook

How Can I Set Up at OMNA

shopify email after installing email apps

Re: T-shirt

Re: T-shirt

Re: Product customizer app

Re: Order verification text message app