Commit f4250ab
[2025-01 back-fix] 🍪 Hydrogen Cookie Migration for New Shopify Cookie Architecture (#3354)
* [2025-01 back-fix] 🍪 Hydrogen Cookie Migration for New Shopify Cookie Architecture (#3332)
* Add tracking cookies migration infrastructure
This commit adds the infrastructure for migrating tracking cookies
from legacy _shopify_y/_shopify_s cookies to consolidated encrypted
cookies using Server-Timing headers.
Key changes:
- Add tracking-utils.ts with getTrackingValues() to read tracking
values from Server-Timing headers via Performance API
- Add server-timing.ts with utilities for detecting SFAPI proxy mode
and server-returned tracking values
- Update storefront client to forward tracking values via headers
- Add sameDomainForStorefrontApi option for proxy detection
- Update customer-privacy component to support new cookie migration
- Add buyerIpSig to StorefrontHeaders type
- Update useShopifyCookies with fetchTrackingValues option
* Add E2E tests for tracking cookies migration
This commit adds comprehensive E2E tests for the tracking cookies
migration feature, including both new and legacy cookie scenarios.
Test structure:
- new-cookies/: Tests for the new consolidated cookie system
- consent-tracking-accept/decline.spec.ts
- privacy-banner-accept/decline/consent-change.spec.ts
- privacy-banner-migration.spec.ts (migration from legacy cookies)
- old-cookies/: Tests for legacy _shopify_y/_shopify_s cookies
- consent-tracking-accept/decline.spec.ts
- privacy-banner-accept/decline.spec.ts
- smoke/: Basic smoke tests for cart and home page
Also adds:
- Unit tests for tracking-utils.ts and server-timing.ts
- E2E fixtures for server setup and storefront mocking
- Environment configurations for different consent scenarios
- Updated playwright configuration
* Fix: Delay PerfKit loading until consent is collected
This fixes a bug where PerfKit would load before consent was collected,
causing it to use stale tracking values. The fix delays PerfKit loading
until after the consent collection callback is fired.
Changes:
- Add consentCollected state to AnalyticsProvider
- Only render PerfKit after consentCollected is true
- Update onVisitorConsentCollected callback to track consent state
- Add sameDomainForStorefrontApi to Consent type
* Add SFAPI proxy support to createRequestHandler
- Update @shopify/remix-oxygen createRequestHandler with SFAPI proxy
- Add new createRequestHandler export to @Shopify/hydrogen
- Proxy automatically routes /api/.../graphql.json to Storefront API
- Forward Set-Cookie and server-timing headers from subrequests
- Set _sfapi_proxy server-timing header for document requests
- New proxyStorefrontApiRequests option (default: true)
* Update package-lock.json for version bumps
* Align createRequestHandler with PR #3309
Updates both @Shopify/hydrogen and @shopify/remix-oxygen
createRequestHandler to match the implementation in PR #3309:
- Add collectTrackingInformation option (default: true)
- Add warning when storefront instance is missing from context
- Use appendServerTimingHeader utility instead of manual header
- Move poweredByHeader append to after tracking header processing
- Add TODO comments for future major version changes
- Improve JSDoc documentation for all options
* Add missing getTrackingValues export from hydrogen package
Re-export getTrackingValues from @shopify/hydrogen-react to align
with PR #3309 cookie migration implementation.
* Add buyerIpSig to remix-oxygen StorefrontHeaders
Add the buyerIpSig field to both the StorefrontHeaders type and
getStorefrontHeaders function in remix-oxygen to align with the
hydrogen package's StorefrontHeaders type.
This fixes type compatibility when passing getStorefrontHeaders()
result to createStorefrontClient().
* Add sec-purpose header check to remix-oxygen getStorefrontHeaders
Align with hydrogen's getStorefrontHeaders to check sec-purpose first,
then fall back to purpose. This ensures browser-initiated prefetches
(via Speculation Rules API or <link rel="prefetch">) are properly detected.
* Rename proxyStorefrontApiRequests to proxyStandardRoutes
Aligns the parameter name with PR #3309 for consistency.
* Update Playwright to 1.57.0
Fixes Chromium crashes (SIGTRAP/SEGV) on macOS 15 Sequoia
when running e2e tests. The older version 1.40.1 had
compatibility issues with the newer macOS version.
* Fix e2e test bundle interception pattern for Vite pre-bundled deps
Update the route interception pattern in setWithPrivacyBanner to match
Vite's pre-bundled dependency path format. The previous pattern
(**/@fs/**/hydrogen/dist/**/*.js) didn't match the actual paths served
by Vite dev server (**/node_modules/.vite/deps/@shopify_hydrogen.js*).
* Fix
* fix
* Fix create-hydrogen snapshot for TokenlessApi route
Update the integration test snapshot to include the TokenlessApi route
that was added in #2948 but the snapshot was never updated.
Also includes skeleton template changes for the cookie migration backport:
- Use createRequestHandler from @Shopify/hydrogen with proxyStandardRoutes
- Minor formatting cleanup in root.tsx
* Disable proxyStandardRoutes in classic-remix example
The classic-remix example uses @shopify/remix-oxygen's createRequestHandler
which now defaults to proxyStandardRoutes: true. This requires a storefront
instance with specific methods that the classic-remix example doesn't provide.
Setting proxyStandardRoutes: false restores the previous behavior and fixes
the dev test.
* Also disable collectTrackingInformation in classic-remix example
The classic-remix example doesn't use the full Hydrogen stack,
so disable both proxyStandardRoutes and collectTrackingInformation
to avoid issues with the new request handler options.
* Guard getSetCookie call for environments without Headers support
Some environments like the classic Remix compiler may not have
the getSetCookie method on their Headers implementation.
* Remove redundant in skeleton template; update changesets to be more consistent with 2025-07 PR
* Run e2e tests on CI (#3330)
* Run e2e tests on CI
* test: comment out checkout URl assertions until backend has updated
---------
Co-authored-by: Kara Daviduik <kara.daviduik@shopify.com>
* fix npm run build so that it works in worktrees
* test: update playwright config so that in CI we will get full traces to be able to easily debug failures
* Run npm install (with npm v10)
---------
Co-authored-by: Fran Dios <frankdiox@gmail.com>1 parent 8401911 commit f4250ab
File tree
57 files changed
+4738
-145
lines changed- .changeset
- .github/workflows
- e2e
- envs
- fixtures
- specs
- new-cookies
- old-cookies
- smoke
- examples/classic-remix
- packages
- cli/src/lib
- hydrogen-react/src
- hydrogen/src
- analytics-manager
- cache
- customer-privacy
- utils
- remix-oxygen/src
- templates/skeleton
Some content is hidden
Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.
57 files changed
+4738
-145
lines changed| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
| 1 | + | |
| 2 | + | |
| 3 | + | |
| 4 | + | |
| 5 | + | |
| 6 | + | |
| 7 | + | |
| 8 | + | |
| 9 | + | |
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
| 1 | + | |
| 2 | + | |
| 3 | + | |
| 4 | + | |
| 5 | + | |
| 6 | + | |
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
| 1 | + | |
| 2 | + | |
| 3 | + | |
| 4 | + | |
| 5 | + | |
| 6 | + | |
| 7 | + | |
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
| 1 | + | |
| 2 | + | |
| 3 | + | |
| 4 | + | |
| 5 | + | |
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
93 | 93 | | |
94 | 94 | | |
95 | 95 | | |
96 | | - | |
| 96 | + | |
| 97 | + | |
| 98 | + | |
| 99 | + | |
| 100 | + | |
| 101 | + | |
| 102 | + | |
| 103 | + | |
| 104 | + | |
| 105 | + | |
| 106 | + | |
| 107 | + | |
| 108 | + | |
| 109 | + | |
| 110 | + | |
| 111 | + | |
| 112 | + | |
| 113 | + | |
| 114 | + | |
| 115 | + | |
| 116 | + | |
| 117 | + | |
| 118 | + | |
| 119 | + | |
| 120 | + | |
| 121 | + | |
| 122 | + | |
| 123 | + | |
| 124 | + | |
| 125 | + | |
| 126 | + | |
| 127 | + | |
| 128 | + | |
| 129 | + | |
| 130 | + | |
| 131 | + | |
| 132 | + | |
| 133 | + | |
| 134 | + | |
| 135 | + | |
| 136 | + | |
97 | 137 | | |
98 | 138 | | |
99 | 139 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
| 1 | + | |
| 2 | + | |
| 3 | + | |
| 4 | + | |
| 5 | + | |
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
| 1 | + | |
| 2 | + | |
| 3 | + | |
| 4 | + | |
| 5 | + | |
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
| 1 | + | |
| 2 | + | |
| 3 | + | |
| 4 | + | |
| 5 | + | |
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
| 1 | + | |
| 2 | + | |
| 3 | + | |
| 4 | + | |
| 5 | + | |
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
| 1 | + | |
| 2 | + | |
| 3 | + | |
| 4 | + | |
| 5 | + | |
0 commit comments