Shopify script tag debug

TLDR: if you click "Check out" on Shopify and land on the default Shopify checkout instead of your WooshPayment one, the issue is almost always one of these: 1) script not loaded, 2) custom theme with exotic selectors, 3) theme CDN cache, 4) restrictive CSP. Follow the diagnostic sequence below.

Diagnostics in 3 minutes

Open your store, add a product to the cart, then DevTools (F12).

Check 1 — is the script loaded?

DevTools → Network → filter by wooshpayment. Reload the cart page. You should see:

checkout-interceptor.js   200   api.wooshpayment.com   ~3 KB

If you do NOT see it:

• The script is installed automatically via the Shopify ScriptTag API at the OAuth callback. If it's missing, the install has been revoked or there's an expired OAuth.
• 1-click fix: WooshPayment → Integrations → "Reinstall script tag" button. The app makes a new call POST /admin/api/2024-10/script_tags.json with the current accessToken. The script comes back active within 30 seconds (then a hard refresh of the theme on Shopify is needed to avoid cache).
• If the reinstall fails with "OAuth expired", redo the connection from Settings → Shopify connection.

Check 2 — does the script execute?

Browser console on the cart page: look for [WooPay] logs. If you see [WooPay] Failed to create session: … it means the script arrived but the POST /api/checkout/create call failed. Open the detail in the Network tab and read the status + response body:

• 400 Invalid cart → prices changed between add-to-cart and checkout, the customer should refresh
• 401 → Shopify token revoked on the store side, reinstall the app
• 403 → store origin not in CORS allowlist, write to us

Check 3 — does the theme use a known pattern?

The script intercepts:

1. Form submit to /cart or /checkout (Dawn, Sense, Refresh and most themes)
2. history.pushState to /checkout (modern storefront SPAs)
3. window.location.assign/replace to /checkout

If your theme uses an exotic selector (e.g. a custom handler that calls XMLHttpRequest without going through location), the script won't see it. Write to us with the store URL + theme name and we'll add the pattern.

Specific causes

Theme CDN cache

Shopify Plus sometimes has Cloudflare/Fastly in front that cache theme.liquid for 30 min. After installing the script tag, force a purge:

Shopify Admin → Online Store → Themes → "Actions" → Publish (re-publishing invalidates the CDN).

Theme CSP

If the theme sets a restrictive Content-Security-Policy, the script gets blocked. Console will show:

Refused to load script 'https://api.wooshpayment.com/api/checkout-interceptor.js' because it violates CSP

Fix: add api.wooshpayment.com to the theme's script-src, or remove the custom CSP meta (Shopify sets a safe default one).

Headless theme (Hydrogen/Remix)

WooshPayment does not natively support Hydrogen storefronts. You'll need to invoke the REST API directly:

const res = await fetch('https://api.wooshpayment.com/api/checkout/create', {
  method: 'POST',
  headers: { 'Content-Type': 'application/json' },
  body: JSON.stringify({ shop, cartToken, items, totalPrice, currency }),
})
const { checkoutUrl } = await res.json()
window.location.href = checkoutUrl

See API reference for the full payload.

"Buy Now" or sticky checkout apps

Apps like ReConvert, OneClickUpsell, EasyAccess can bypass your cart and call /checkout directly in ways that don't go through the intercepted patterns. Deactivate the app, verify, then reactivate step by step.

When to contact us

After the checks above, if it still doesn't work write to noreply@wooshpayment.com with:

• Your store URL
• Theme name (Online Store → Themes → name next to the thumb)
• Console + Network tab screenshot
• Any [WooPay] log visible in the console

Useful links

• Shopify integration — initial install
• WooCommerce — Woo equivalent
• Payment fails — if the script works but the payment hangs