search

Shopify / shopify-app-bridge

https://shopify.dev/docs/api/app-bridge
88 stars 9 forks source link

POS embedded apps redirect to Shopify Admin page on initial session load (ongoing since version 7.x) #129

Closed derrickrc closed 1 year ago

derrickrc commented 2 years ago

Describe the bug

Ever since Shopify POS 7.x, POS users are seeing sensitive Shopify Admin data on the first load of the day of the POS app. This bug has been going on for nearing 3 months now.

To Reproduce

This happens on the first load of the day typically, or after a merchant hasn't used Shopify POS / an app for a long time.

Contextual information

More discussion and screenshots: https://shopifypartners.slack.com/archives/C010HGLJHFY/p1653062084967679

Platform

Shopify POS version 7.x (the image below is from a merchant today using 7.3.1).

Screen Shot 2022-07-26 at 7 50 52 AM

derrickrc commented 2 years ago

Hi team we are approaching 4 months since this bug was first reported and it is still impacting merchants. Is there any ETA on when this will be fixed? Thanks.

derrickrc commented 2 years ago

Shopify team, any updates? We are getting uninstalls of our app because of this months-long bug.

Screen Shot 2022-09-29 at 9 10 14 AM

henrytao-me commented 2 years ago

@samiulmonir06 is looking into this now.

js-goupil commented 1 year ago

We're closing this issue. We can't reproduce it anymore, and the latest instance of this was from a merchant over a month ago on an older version of POS. I spoke with @derrickrc on Slack and he confirmed he has not seen this issue in a while, and he did not have any of his merchants have it come up recently either. We implemented several fixes for this in the summer. If the issue comes up again, on the latest version of POS and is re-producible please reopen this ticket. Thanks!

derrickrc commented 1 year ago

Hey @js-goupil @samiulmonir06 @henrytao-me, unfortunately we are still seeing this bug happen and receiving reports of it. I was on a FaceTime yesterday with a merchant troubleshooting an unrelated issue, and saw this happen with my own eyes.

They were on Shopify POS 8.1.0, iPad 9th generation. iOS 16.2 - so my hypothesis that this was only impacting older iPads is not correct. Happy to share the shop details as well if it's helpful - thanks and sorry about this!

henrytao-me commented 1 year ago

Hi @derrickrc, fyi POS team is pushing a fix for this in the next release. 🙇

peter-visualsquares commented 1 year ago

Hi @derrickrc, fyi POS team is pushing a fix for this in the next release.

Hello @henrytao-me, just want to know current status. Is the fix pushed? Two versions of @shopify/app-bridge (3.7.3 and 3.7.4) are released after this comment. May I assume they contain the fix? Thanks!

henrytao-me commented 1 year ago

@peter-visualsquares, it should be fixed from Shopify POS 8.4.0 or newer. Can you let us know if it is still an issue 🙇?

Note that: this is not related to the the version of app-bridge you are using.

peter-visualsquares commented 1 year ago

8.4.0 or newer

@henrytao-me Got it thanks! I can see it in Shopify POS 8.4.1. The ipad is 9th generation and IOS version is 15.6.1. I can provide some screenshot via email if you share me an email address.

NathanJolly commented 1 year ago

Hi @peter-visualsquares, thank you for the update. Would you send any videos or screenshots you have to app-bridge@shopify.com, please?

We're looking to deduce the issue, so any steps to reproduce the issue or any sort of consistency you can offer would be helpful. Thank you!

derrickrc commented 1 year ago

@NathanJolly it's difficult to reproduce this with any consistency, this happens on the first load of the day typically, or after a merchant hasn't used Shopify POS / an app for a long time. I personally have not seen it on my development store since last year, but merchants are still experiencing it.

peter-visualsquares commented 1 year ago

Hi @peter-visualsquares, thank you for the update. Would you send any videos or screenshots you have to app-bridge@shopify.com, please?

We're looking to deduce the issue, so any steps to reproduce the issue or any sort of consistency you can offer would be helpful. Thank you!

@NathanJolly I have sent an email with an video thanks! Please let me know if your team do not receive it

henrytao-me commented 1 year ago

Heads up: POS team has merged a change attempting to fix this issue. It should be available on the Apps Store for the upcoming release. We will ping here when it's live.

vctrchu commented 1 year ago

Version 8.7 of POS should live next monday. Please check for the fixes then. Thanks.

peter-visualsquares commented 1 year ago

Update I can see the issue after updating to 8.7 version. This is what happened

  1. Yesterday i was using 8.6.1 version, and login to a store on POS.
  2. Today I updated the app to 8.7
  3. Then I open the POS app and click an app tile
  4. Then I am redirected to Shopify admin page

It still only happen once per day. I will keep trying in the coming few days to see if I can reproduce it consistently.

peter-visualsquares commented 1 year ago

@henrytao-me @vctrchu pls let me know how I can assist on the issue thanks!

derrickrc commented 1 year ago

@vctrchu @henrytao-me unfortunately this issue does not appear to be fixed, any update?

vctrchu commented 1 year ago

@henrytao-me I believe this is being looked into. Any updates?

henrytao-me commented 1 year ago

I didn't have time to look into this last week. It's still on my list though 🙇