Shopify: H1514 DOM XSS on checkout.shopify.com via postMessage handler on /:id/sandbox/google_maps

Description: The /:id/sandbox/googlemaps and /:id/sandbox/googleautocomplete routes on checkout.shopify.com are used to render the Google Map on the "Order Status" page as well as the address prediction on checkout pages. The page performs origin validation on incoming postMessages making sure th...