I have a friend that has served up web page data in Node to an iframe in a Shopify page. I am trying to do the same thing through my .NET Core app.
I am working with a bit of legacy code, so it is .Net Core 3.1
I have this in the configure method of my Startup.cs:
app.Use(async (context, next) =>{ context.Response.Headers.Add("Content-Security-Policy", "frame-ancestors https://[mysite].myshopify.com https://admin.shopify.com style-src 'unsafe-inline';"); await next();});but I cannot get the page to load in the iframe. Does anyone know the right combination of declarations and headers to pass from .NET to Shopify to get the app to load?
Links:https://shopify.dev/docs/apps/store/security/iframe-protection
I tried the above combination of declarations and headers in my Startup.cs page, but that has failed. I don't get any errors in .NET, but nothing loads in Shopify.