Merge branch 'main' into kos/add_recommendation_config_i18n-ally

Shopify · Jul 11, 2023 · a039471 · a039471
2 parents 494ad13 + 5352fa8
commit a039471
Show file tree

Hide file tree

Showing 4 changed files with 36 additions and 2 deletions.
diff --git a/web/app/Http/Kernel.php b/web/app/Http/Kernel.php
@@ -21,6 +21,7 @@ class Kernel extends HttpKernel
         \Illuminate\Foundation\Http\Middleware\ValidatePostSize::class,
         \App\Http\Middleware\TrimStrings::class,
         \Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class,
+        \App\Http\Middleware\AccessControlHeaders::class,
     ];
 
     /**

diff --git a/web/app/Http/Middleware/AccessControlHeaders.php b/web/app/Http/Middleware/AccessControlHeaders.php
@@ -0,0 +1,33 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Closure;
+use Illuminate\Http\Request;
+use Illuminate\Http\Response;
+use Shopify\Context;
+
+class AccessControlHeaders
+{
+    /**
+     * Ensures that Access Control Headers are set for embedded apps.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure  $next
+     * @return mixed
+     */
+    public function handle(Request $request, Closure $next)
+    {
+        if (Context::$IS_EMBEDDED_APP) {
+
+            /** @var Response $response */
+            $response = $next($request);
+
+            $response->headers->set("Access-Control-Allow-Origin", "*");
+            $response->headers->set("Access-Control-Allow-Header", "Authorization");
+            $response->headers->set("Access-Control-Expose-Headers", 'X-Shopify-API-Request-Failure-Reauthorize-Url');
+
+            return $response;
+        }
+    }
+}
diff --git a/web/frontend b/web/frontend
diff --git a/web/shopify.web.toml b/web/shopify.web.toml
@@ -1,4 +1,4 @@
-type="backend"
+roles = ["backend"]
 
 [commands]
 dev = "composer serve"
+6 −16		.github/workflows/merge_patch_dependencies.yml
+7 −7		package.json
+1 −1		shopify.web.toml