1
votes

I am new to Ruby on Rails and building a Shopify app. I downloaded and installed a simple embedded app example from GitHub 'https://github.com/Shopify/shopify_app'. Deployed the app on Heroku. The app loads, authenticates with a Shopify store, installs but does not render an iframe with product data in the Shopify store after installation.

I get the following error and get stuck in a redirect loop: ShopifyApp detected that it was not loaded in an iframe and is redirecting to: https://MYSHOP.myshopify.com/admin/apps/APIKEY/. I researched it a bit and it seems it is because the X-FRAME-OPTIONS are set to DENY for the above link.

I have already changed my config/application.rb file to include the following:

config.action_dispatch.default_headers = {
    'X-Frame-Options' => 'ALLOWALL'
}

However, this seems to be only resetting X-FRAME-OPTIONS for my app's Heroku URL and not the shop's myshopify URL in which I am trying to render my app. See below for header information from the network debugger in Chrome.

Content-Type:text/html; charset=utf-8
Date:Fri, 05 Jun 2015 13:28:29 GMT
P3P:CP="NOI DSP COR NID ADMa OPTa OUR NOR"
Server:nginx
Status:200 OK
Vary:Accept-Encoding
X-Content-Type-Options:nosniff
X-Dc:ash
X-Frame-Options:DENY

Has anyone seen this before? How do I change the X-Frame-Options header for the shop I am trying to render my app into? I am completely lost as to how to fix this! Any help would be amazing.

1 Answers

1
votes

I don't think ALLOWALL is actually a valid setting. I remember looking that up some time ago and I realized that was totally made up by somebody on a whim. While it does work, it is bogus in that errors sometimes mimic correct behaviour?

I use:

headers 'X-Frame-Options' => ''
headers 'p3p' => 'CP="Not used"'

And my embedded Apps work, even for IE.
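
How a current browser interprets the header values discussed in this thread, as an added Ruby example that is not part of the original question or answer. The names `origin_of` and `framing_verdict` and the sample URLs are hypothetical; the model assumes a single top-level parent, treats `ALLOW-FROM` as ignored (as modern browsers do), and matches `frame-ancestors` sources as exact origins only.

```ruby
require 'uri'

# Values the X-Frame-Options header actually defines (ALLOW-FROM is obsolete).
VALID_XFO = %w[DENY SAMEORIGIN].freeze

def origin_of(url)
  u = URI.parse(url)
  port = u.port == u.default_port ? '' : ":#{u.port}"
  "#{u.scheme}://#{u.host}#{port}".downcase
end

# Returns [:allowed or :blocked, reason] for page_url framed by parent_url.
# Simplification: frame-ancestors sources are matched as exact origins only.
def framing_verdict(headers, page_url, parent_url)
  h = headers.transform_keys { |k| k.to_s.downcase }
  parent = origin_of(parent_url)
  same = origin_of(page_url) == parent

  # A CSP frame-ancestors directive takes precedence over X-Frame-Options.
  fa = h['content-security-policy'].to_s.split(';').map(&:split)
        .find { |d| d.first.to_s.downcase == 'frame-ancestors' }
  if fa
    ok = fa.drop(1).any? do |s|
      s == '*' || (s == "'self'" && same) ||
        (s.include?('://') && origin_of(s) == parent)
    end
    return [ok ? :allowed : :blocked, 'CSP frame-ancestors']
  end

  xfo = h['x-frame-options'].to_s.strip.upcase
  return [:allowed, 'no effective X-Frame-Options'] if xfo.empty?
  unless VALID_XFO.include?(xfo)
    return [:allowed, "unrecognised value #{xfo.inspect} is ignored"]
  end
  return [:blocked, 'X-Frame-Options: DENY'] if xfo == 'DENY'
  [same ? :allowed : :blocked, 'X-Frame-Options: SAMEORIGIN']
end

# Constructed sample URLs (not from the page).
APP  = 'https://example-app.herokuapp.com/'
SHOP = 'https://example-shop.myshopify.com/admin/apps/example'
```

Each response carries its own framing policy: the header on the app's response decides whether the app may be framed, independently of what the parent page sends for itself.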