Development store Proxy app CORS problem

Retired Boards Appdev Custom Storefronts

Topic summary

A developer is encountering CORS errors when attempting to access their Shopify development store proxy app from external sources (Netlify-hosted storefront and Postman). The specific error indicates that the ‘Access-Control-Allow-Origin’ header is missing from the response.

Key Details:

  • Direct browser access to the proxy URL works correctly
  • XMLHttpRequest from https://test.MYDOMAINNAME.com to https://MYSHOPNAME.myshopify.com/a/proxy/test is blocked
  • Error manifests as “Network Error” in the application

Developer’s Questions:

  • Is the issue related to development store password protection or a WP page not returning correct headers?
  • Is there a workaround for development stores, such as bypassing the password requirement in requests?

The discussion remains open with no responses or solutions provided yet. The issue appears specific to development store configurations and their interaction with CORS policies.

Summarized with AI on November 25. AI used: claude-sonnet-4-5-20250929.
1

Hi

I’m unable to use my development store Shopify proxy app when creating requests from my storefront code(hosted in Netlify) or from Postman - it gets CORS error. When I go directly to my proxy link, it works fine.

Access to XMLHttpRequest at 'https://MYSHOPNAME.myshopify.com/a/proxy/test' from origin 'https://test.MYDOMAINNAME.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
CartItems.client.tsx:34 Error ========> U {message: 'Network Error', name: 'AxiosError', code: 'ERR_NETWORK', config: {…}, request: XMLHttpRequest, …}
xhr.js:220 GET https://MYSHOPNAME.myshopify.com/a/proxy/test net::ERR_FAILED 302

Is it related somehow to development store password protection or pw page, which is not returning correct header?
Is there a workaround for development stores, for example add store password somewhere into request and bypass that check?