You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Expected behavior
Redirect with flash messages set on cookies should be displayed by the Toast function shared by the gem templates in _flash_messages layout and js, also in the embedded_app.html.erb layout
Actual behavior
I have updated my shopify_app and shopify_api from 18.1 and 9.4 versions to the latest ones, with that I found the issue related to the flash messages, which I saw the same problem in this issue #1641
It appears the SameSiteCookieMiddleware was deleted with the release of ShopifyApp 19.0.0. I couldn't find any reference to this in the documentation. This makes Chrome ignore the cookie session, so flash messages stop working. The session_store.rb template in ShopifyApp does not include the .SameSite='None' and Secure options.
Which works but are highlighted by Chrome that will be deprecated soon
I can see that the content used by shopify to read the flash messages does not update at all:
Steps to reproduce the problem:
Create a brand new project with ShopifyApp 21.4.0 and Rails 6.1 +
Add a flash message and redirect to any page inside the app.
In Chrome, check the response headers for cookies and check the options.
The text was updated successfully, but these errors were encountered:
Hi @CaioFML, thank you for opening this issue, I'm going to put it in your backlog so that we can look at it.
CaioFML
changed the title
Flash messages not working after updating the gem to the from 18.1 to the latest version
Flash messages not working after updating the gem from 18.1 to the latest version
Mar 13, 2024
Issue summary
shopify_api version: 12.4.0
shopify_app version: 21.10.0
Ruby version: 3.2.3
Rails 6.1.7.7
Expected behavior
Redirect with flash messages set on cookies should be displayed by the Toast function shared by the gem templates in _flash_messages layout and js, also in the embedded_app.html.erb layout
Actual behavior
I have updated my shopify_app and shopify_api from 18.1 and 9.4 versions to the latest ones, with that I found the issue related to the flash messages, which I saw the same problem in this issue #1641
It appears the SameSiteCookieMiddleware was deleted with the release of ShopifyApp 19.0.0. I couldn't find any reference to this in the documentation. This makes Chrome ignore the cookie session, so flash messages stop working. The session_store.rb template in ShopifyApp does not include the .SameSite='None' and Secure options.
Using the suggested fix it works:
Rails.application.config.session_store(:cookie_store, key: 'some_key', expire_after: some_days, secure: true, same_site: 'None')
Which works but are highlighted by Chrome that will be deprecated soon
I can see that the content used by shopify to read the flash messages does not update at all:
Steps to reproduce the problem:
Create a brand new project with ShopifyApp 21.4.0 and Rails 6.1 +
Add a flash message and redirect to any page inside the app.
In Chrome, check the response headers for cookies and check the options.
The text was updated successfully, but these errors were encountered: