FROM CACHE - en_header

Automated Review: Your embedded app is loading an invalid URL

Yusman
Tourist
6 1 6
‎09-21-2022 02:47 PM

 

Hi everyone. Please can anyone help with a recent automated rejection message we got ?

The rejection says: App must set security headers to protect against clickjacking: There was an error opening your app in the Shopify admin. Your embedded app is loading an invalid URL. <Prints url called to get our app from Shopify admin>. Make sure it is valid.

When you install and load our embedded app on the Shopify Admin, the app loads fine. When we follow the steps to setup iframe protection: https://shopify.dev/apps/store/security/iframe-protection, that all works fine on our app.

We believe the problem is with the Shopify Admin (or browser?) cancelling the first request to fetch our app, and then firing a second request. It seems the automated test only waits for the response of the first request, and assumes the app does not load. (see attached image)

 

We have previously passed automated stages of the app review, so we believe this could be a recent change from Shopify somewhere.

 

Any help will be appreciated.
app_complain.png

 

1,744 Views
Report
Replies 16 (16)
frodrigues
Shopify Partner
7 0 3
‎09-21-2022 05:30 PM

Exactly the same problem with me, first request gets cancelled, second one goes through and iframe loads fine in development store

Screenshot 2022-09-21 at 14.29.02.png

https://community.shopify.com/c/shopify-apis-and-sdks/app-submission-invalid-url-error/td-p/1747008

1,714 Views
Report
yasir_naseer
Shopify Partner
8 0 3
‎10-09-2022 06:05 PM

Greetings, are you able to resolve this issue?

1,643 Views
Report
In response to yasir_naseer
Yusman
Tourist
6 1 6
‎10-09-2022 06:22 PM
We just resubmitted the app and did not get the auto rejection. I assume Shopify resolved it.
1,640 Views
Report
In response to Yusman
yasir_naseer
Shopify Partner
8 0 3
‎10-09-2022 06:25 PM

oh i see, so basically you resubmitted the app, without doing any changes for this issue? or have you done some changes?

1,635 Views
0 Likes
Report
In response to yasir_naseer
Yusman
Tourist
6 1 6
‎10-09-2022 07:49 PM
No changes. We just resubmitted as was.
1,626 Views
0 Likes
Report
In response to Yusman
Maciej_Regula
Shopify Partner
7 0 2
‎10-10-2022 03:03 PM

@Yusman But after the application passed the automated tests, do you still see the canceled request in the network tab?

 

This is extremely frustrating because earlier my app passed automated tests and was rejected by manual reviewer. Now I am stuck on the first requirement of application approval but nothing changed in the code of my application.

 

Does anybody have a similar problem? Why the first request is canceled? I believe this is the reason for rejection.

1,595 Views
0 Likes
Report
In response to Maciej_Regula
Yusman
Tourist
6 1 6
‎10-10-2022 04:16 PM
I haven’t checked for that again, I’ll check if it’s still canceled, and I’ll let you know
1,583 Views
Report
In response to Maciej_Regula
Yusman
Tourist
6 1 6
‎10-10-2022 10:37 PM

I just checked again on our app. it's still cancels first request.

1,570 Views
Report
In response to Yusman
Maciej_Regula
Shopify Partner
7 0 2
‎10-11-2022 03:45 AM

Ok thanks for the reply. This is so weird. It seems that the canceled request is not the problem.

1,512 Views
0 Likes
Report
In response to yasir_naseer
Maciej_Regula
Shopify Partner
7 0 2
‎10-10-2022 03:42 AM

I have the same problem. I can see in the network tab that first request is canceled. @yasir_naseer did you resubmit your app. Did they accept it?

1,616 Views
0 Likes
Report
DaviAreias
Shopify Partner
35 0 5
‎10-10-2022 03:50 AM

Im getting the exact same error but it only happens in my test apps, the published ones do not get the first request cancelled

1,611 Views
0 Likes
Report
DaviAreias
Shopify Partner
35 0 5
‎10-11-2022 07:26 AM

Just a hypothesis, but have you guys tested clearing the "shopifyTestCookie" cookie

 

I tested removing the "shopifyTestCookie" it from my browser and it stopped showing stalled requests.

 

It also stopped showing "prefetch" queries, maybe they use the cookies to pre render stuff and something goes wrong when you don't erase cookies after auth?

1,504 Views
0 Likes
Report
MarkNZL
Shopify Partner
5 0 2
‎10-19-2022 11:19 PM

Also having the same issue. The headers are present but I notice that the first request is canceled when loading the app, did you ever get this resolved?

1,365 Views
Report
In response to MarkNZL
Kris_Doyle
Shopify Partner
138 1 38
‎06-30-2023 09:04 PM

Bumping this question as I'm running into this myself now. In my case, I don't get any errors regarding clickjacking, I just get the first cancelled request with 0 bytes. Second request is fine. Same payload, same everything. 

 

If anyone solved this, I'd LOVE to know how 😉

751 Views
0 Likes
Report
ThreeGoldenMonk
Shopify Partner
1 0 0
‎11-16-2022 03:52 PM 
Hello, I don't know if it will help but, apart from the content 
frame-ancestors https://shopify-dev.myshopify.com https://admin.shopify.com 
I see that you have a ";" at the very end. in my case I use only 
frame-ancestors https://shopify-dev.myshopify.com https://admin.shopify.com
I hope it helps
Cheers

 

1,314 Views
0 Likes
Report
felixmpaulus
Shopify Partner
46 0 17
‎11-22-2023 10:06 AM

still encountering this issue. My first request gets cancelled. This is causing longer load times for my app.

 

So if anyone of you got this figured out, I would appreciate a solution! 🙂

Add bullet points to your productpage with Bloom: Product Feature Bullets
Increase branding and conversion. Set your store apart.
❤️ Free Plan available. Exclusively 5-star reviews.
154 Views
0 Likes
Report
Community Browser

Community Blog Articles

cropped-SYSO-okt23-GROW.png
Unlocking the Secrets of E-commerce Success: An Exclusive Interview with SY...

On our Shopify Expert Marketplace, you can find many trusted third party developers and fr...

By Arno Nov 27, 2023
cropped-shutterstock_offset_2207989361.jpg
Organize Your Products Like a Rainbow: Metafields and Color Sorting

You've downloaded the Search & Discovery app from the Shopify App store, and as you're ...

By Skye Nov 8, 2023
Jasonh_0-1698862247798.png
Community Connect: October Recap

The year-end shopping season is just around the corner. Is a flash sale on your radar? Are...

By Jasonh Nov 6, 2023
Terms of Service Privacy Policy