The method you take will depend in part on what information is provided by Shopify as either a header, or payload.
As I don’t know what information Shopify provides in such as request, I cannot provide an example. If you can provide the information Shopify sends in a request, I could potentially provide an example.
@philnetlify1 I am still confused about this. From what I know, functions are just cloud API that I could call from a web interface right? How could I use this to set req/res headers? And _headers just allow static headers to be set.
@coelmay I get this. i have actually created csp.js file inside my apps root-folder/netlify/functions/csp.js but this function never get called when the first request is made to the app. After I set this, the CSP headers (https://securityheaders.com/) are always empty.
That’s not going to add the CSP header to the front end app.
The basic example I showed previously needs calling directly. For example, if the function is called my-function.js you would need to browse to (or use fetch, etc.) directly you would need to browse to https://mysite.netlify.app/.netlify/functions/my-function at which point the CSP and the content (the body) is returned.
This is not going to add a CSP header to the front-end app.
@coelmay Ok, then adding dynamic headers to the front-end app is what i need. Do you know how to achieve this with Netlfiy?_headers files allows me to add static headers but not dynamic ones. As i was saying earlier functions are an alternate to self hosted API server and has nothing to do with app headers.