Questions and discussions about using the Shopify CLI and Shopify-built libraries.
So for a few years now I have a Shopify App Proxy deployed. My proxied receiver evaluates the HMAC signature and also validates the Referer header value. To help ensure the request came through the proper route. I'd say that 90% of the time this works flawlessly. Yet I am seeing some failures. The HMAC signature is fine, but the proxied receiver isn't getting any Referer header value passed along. Is this known behavior, or perhaps is it something on the client that might be dropping this header value from appearing?
Looking closer at the web sessions, they aren't just initially landing on the Shopify page right off the bat. They are browsing and clicking through various pages on the Shopify site. So they should be sending along the Referer header values I'd imagine.
Solved! Go to the solution
This is an accepted solution.
After testing out a few different ways, I can only assume it's something on the client's end. In terms of specific browser options that are manually being defined somewhere. Eliminating this Referer header value from being passed along.
At this point I'd consider this to be a client-side issue, so not much can be done on my end in that regard really.
This is an accepted solution.
After testing out a few different ways, I can only assume it's something on the client's end. In terms of specific browser options that are manually being defined somewhere. Eliminating this Referer header value from being passed along.
At this point I'd consider this to be a client-side issue, so not much can be done on my end in that regard really.