Discuss and resolve questions on Liquid, JavaScript, themes, sales channels, and site speed enhancements.
I want to express my pain for the this limitation Shopify has imposed on developers.
Shopify doesn't support the use of localhost or any http based URL due to security concerns. For development purposes, we recommend using a tunnelling service, such as ngrok.
I've never come across this on an application before and it's a real pain. Even auth providers like auth0 / Kinde will allow http / localhost callbacks. What is the security concern when the urls can only be set through the admin panel??
Because of this limitation, to locally develop with the new Customer Account API, the entire application has to be proxied through an HTTPS tunneller.
Requiring a tunnelling service for local development adds an additional cost to the developer for building storefronts. Current providers like ngrok offer personal plans up to 5GB/mo bandwidth for $10 / month. Even on their enterprise plan the network bandwidth limit is 15GB.
When working on storefront with images developers will burn through this bandwidth pretty quickly!
Please add http localhost as an acceptable origin. Or provide some other solution or workaround.
I'm very surprised Shopify didn't consider the effects this would have on local development environment here.
I thought about this a bit more after making this post and found a work around.
You can proxy the query parameters and redirect yourself back to localhost from the callback endpoint. Make sure your not serving your entire local storefront through an HTTPS tunneller, and only using it to receive the authorization codes on the callback endpoint.
Starting a B2B store is a big undertaking that requires careful planning and execution. W...
By JasonH Sep 23, 2024By investing 30 minutes of your time, you can unlock the potential for increased sales,...
By Jacqui Sep 11, 2024We appreciate the diverse ways you participate in and engage with the Shopify Communi...
By JasonH Sep 9, 2024