Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Use postMessage to redirect to Shopify during authentication #366

Merged
merged 7 commits into from
Jan 6, 2017
Merged

Use postMessage to redirect to Shopify during authentication #366

merged 7 commits into from
Jan 6, 2017

Conversation

Hammadk
Copy link
Member

@Hammadk Hammadk commented Dec 15, 2016
edited
Loading

A recent change was proposed in Chrome Canary 57.0.2933.0 that will break embedded app authentication.

Proposed solution:

  • Instead of using window.location.origin to redirect to the authentication URL, we should use window.parent.postMessage (this logic is in #fullpage_redirect_to).

This PR won't be merged until extensively tested

Related refactor:

  • This PR also replaces #redirect_to_with_fallback with the Rails method: redirect_to. #redirect_to_with_fallback doesn't work like we think it does. The status and location headers take priority over the inline response. The fallback only happens if the browser ignores the status and location headers -- which doesn't happen on any modern browser.

  • This PR moves #sanitized_shop_name and #sanitize_shop_param(params) from SessionsConcern to LoginProtection. LoginProtection is already included SessionController.

Please see the following issue for reference: https://github.com/Shopify/shopify/issues/93680

@nwtn @peterjm @kevinhughes27 Please review

@peterjm
Copy link
Contributor

peterjm commented Dec 15, 2016

Requires the beta flag to be removed from this feature, but I'm sure you know that 👍

@Hammadk
Copy link
Member Author

Hammadk commented Dec 15, 2016

@peterjm Done in https://github.com/Shopify/shopify/pull/95550 :)

@Hammadk Hammadk changed the title Use postMessage to redirect to Shopify during authentication WIP (issue with account creation) - Use postMessage to redirect to Shopify during authentication Dec 16, 2016
@Hammadk Hammadk changed the title WIP (issue with account creation) - Use postMessage to redirect to Shopify during authentication Use postMessage to redirect to Shopify during authentication Jan 6, 2017
@Hammadk
Copy link
Member Author

Hammadk commented Jan 6, 2017

Updated and tested in the following browsers:

  • Canary Chrome 57.0.2973.0
  • Firefox 43.0.4
  • Safari 10.0.2
  • Chrome 55
  • IE11 on Windows 7

@Hammadk Hammadk force-pushed the use-post-message-to-redirect branch from 3d738fc to 644a3eb Compare January 6, 2017 15:12
@Hammadk Hammadk merged commit 2ac8dfb into master Jan 6, 2017
@Hammadk Hammadk deleted the use-post-message-to-redirect branch January 6, 2017 17:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kevinhughes27 kevinhughes27 kevinhughes27 approved these changes

@peterjm peterjm peterjm approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@Hammadk @peterjm @kevinhughes27 @ashmaroli