CORS issue with Checkout UI Extension at Payment

TheThisThat · February 14, 2024, 12:30am

Created a very basic checkout extension inside of an app using node. Selected Remix, JS + React.

Tested it in dev environment and everything works great. I went to deploy it and can see the target under pickup (collects data from customer and passes to order metafields) which passes info as it should but when I checkout (pay) my target on the thank you page (Banner that takes the entered metafield data and shows the customer what they selected) gets thwarted with the CORS message below and doesn’t show up at all. I am not making any calls to an outside API.

Access to fetch at ‘https://eating-hotdogs-stupid-lackluster.trycloudflare.com/extensions’ from origin ‘https://some-shop.myshopify.com’ has been blocked by CORS policy: Response to preflight request doesn’t pass access control check: No ‘Access-Control-Allow-Origin’ header is present on the requested resource.

Works great before payment is made and everything works great on dev. It is a dev store with Checkout and Customer Accounts Extensibility. I did create a custom distribution link for the install. Wondering if the App Bridge config may be off as the embed of my app looks off but no idea how or what I would do to fix this. Any help would be appreciated. Talk down to me. This is my first app.

eanthony · February 28, 2024, 6:40pm

@TheThisThat

I had the same issue recently when I migrated my app to the Remix template. The solution in this post helped point me in the right direction.

First, I installed the remix-utils package.

Then in the API route, I use the CORS function to return the loader function response:

import { json } from "@remix-run/node";
import { cors } from 'remix-utils/cors';

export const loader = async ({ request }) => {
  const response = json({ body: 'data' });
  return await cors(request, response);
};

In the action function I also return the data using the CORS function, for example:

export const action = async ({ request }) => {
  const body = await request.json();
  const query = {
      'simple-example': true
    };

    const queryString = new URLSearchParams(query).toString();
    const response = await fetch("https://simple-example.com?" + queryString, { 
      method: "GET", 
      headers: {
        'Content-Type': 'application/json'
      }
    });

    const data = await response.json();
    return await cors(request, json(data));
};

And finally, the only way I could get around the “…OPTIONS request method not allowed” errors after integrating the CORS function in the API route was to return CORS headers at the very beginning of the handleRequest function in entry.server.jsx, for example:

// Return CORS headers on OPTIONS request
  try {
    if (request.method === `OPTIONS`) {
      return new Response(null, {
        headers: {
          'Access-Control-Allow-Origin': '*',
          'Access-Control-Allow-Methods': 'GET, OPTIONS',
          'Access-Control-Allow-Headers': 'Content-Type, Accept, Authorization, X-Requested-With, Application, ip'
        },
      });
    }
  } catch (e) {
    console.error(e);
  }

I hope this helps you or someone else!

ymq · June 19, 2024, 1:03pm

Hi,

Is your problem solved? I have the same problem, we have a cors issue when requesting api.sign-changeset.jsx.

Can you share some solutions to solve this problem?

Best regards!

Topic		Replies	Views
CORS Issue in Checkout UI Extension with App Proxy \| Remix JS Shopify Apps shopify-apps	8	323	April 5, 2025
CORS Issue In Checkout Extension Shopify Apps shopify-apps	2	152	February 13, 2025
Issue calling shopify app api from checkout UI extension Extensions troubleshooting , Setting-Up	13	322	June 12, 2024
After update shopify and remix pacakages getting cros error Shopify Apps shopify-apps	0	20	February 3, 2025
Encountering a CORS error in the Checkout UI when making a fetch call to the Shopify Remix App API. Shopify Apps shopify-apps	12	427	June 2, 2025

CORS issue with Checkout UI Extension at Payment

Related topics