diff --git a/packages/koa-shopify-auth/src/auth/client/request-storage-access.ts b/packages/koa-shopify-auth/src/auth/client/request-storage-access.ts index f64c8642e8..4d65943b3b 100644 --- a/packages/koa-shopify-auth/src/auth/client/request-storage-access.ts +++ b/packages/koa-shopify-auth/src/auth/client/request-storage-access.ts @@ -3,10 +3,10 @@ const requestStorageAccess = (shop: string, prefix = '') => { return `(function() { function redirect() { var targetInfo = { - myshopifyUrl: "https://${shop}", - hasStorageAccessUrl: "${prefix}/auth/inline?shop=${shop}", - doesNotHaveStorageAccessUrl: "${prefix}/auth/enable_cookies?shop=${shop}", - appTargetUrl: "/?shop=${shop}" + myshopifyUrl: "https://${encodeURIComponent(shop)}", + hasStorageAccessUrl: "${prefix}/auth/inline?shop=${encodeURIComponent(shop)}", + doesNotHaveStorageAccessUrl: "${prefix}/auth/enable_cookies?shop=${encodeURIComponent(shop)}", + appTargetUrl: "/?shop=${encodeURIComponent(shop)}" } if (window.top == window.self) { diff --git a/packages/koa-shopify-auth/src/auth/client/top-level-interaction.ts b/packages/koa-shopify-auth/src/auth/client/top-level-interaction.ts index 0da2925d8d..8505b89d3f 100644 --- a/packages/koa-shopify-auth/src/auth/client/top-level-interaction.ts +++ b/packages/koa-shopify-auth/src/auth/client/top-level-interaction.ts @@ -3,7 +3,7 @@ const topLevelInteraction = (shop: string, prefix = '') => { return `(function() { function setUpTopLevelInteraction() { var TopLevelInteraction = new ITPHelper({ - redirectUrl: "${prefix}/auth?shop=${shop}", + redirectUrl: "${prefix}/auth?shop=${encodeURIComponent(shop)}", }); TopLevelInteraction.execute(); diff --git a/packages/koa-shopify-auth/src/auth/create-enable-cookies.ts b/packages/koa-shopify-auth/src/auth/create-enable-cookies.ts index abd27457e4..8d647c8669 100644 --- a/packages/koa-shopify-auth/src/auth/create-enable-cookies.ts +++ b/packages/koa-shopify-auth/src/auth/create-enable-cookies.ts @@ -40,7 +40,7 @@ export default function createEnableCookies({