Troubleshoot the Storefront Toolkit

You can troubleshoot some common issues with the Storefront Toolkit.

The Storefront Toolkit JavaScript is inserted before the first JavaScript tag in the HTML <head> section of your storefront. If the HTML <head> section contains no JavaScript, the Storefront Toolkit JavaScript is inserted at the end of the <head> section.

The following table lists some problems commonly encountered when you use the Storefront Toolkit, along with potential solutions.

Table 1.
Problem Solution
You try to open a page in the Storefront Toolkit and you get a message that the toolkit failed to initialize.
  • Make sure that you’ve correctly configured the HTTPS host and that the hostname aliases point to the correct instance using DNS. See Hostname Aliases.
  • To open the storefront, click Storefront. Make sure to use HTTPS in the URL for the storefront. If the browser displays an error regarding an invalid certificate, allow an exception for the certificate.
  • Remove CDATA sections from your HTML storefront code. The Storefront Toolkit doesn't support CDATA.
The Content Information tool doesn't show content and product tags.

It's possible that page markers are missing from the HTML. Add <!-- dwMarker="content" dwContentID="${pdict.Content.UUID}" --> when rendering content assets and <!-- dwMarker="product" dwContentID="${Product.UUID}" --> when rendering products.

The Search Results Window or Product Search Model Window isn't available. Make sure that the isobject tag is correctly implemented. See Enable the Search Information Tool.
The Storefront Toolkit tools show no information. It's possible that the Content Delivery Network (CDN) is removing HTML comments. Disable this feature in the CDN. If you use Cloudflare, see How do I minify HTML, CSS, and JavaScript to optimize my site?
Toolkit shows an empty storefront.

If anticlickjacking is included in your code, the content of the page can be hidden when opened in an iframe. To resolve this issue, we recommend that you add a custom site preference to disable anticlickjacking on staging or sandbox instances. For more information, see Clickjacking.

URLs constructed using the following methods of dw.web.URLUtils aren’t working as expected:
  • url
  • http
  • https
  • abs

The Storefront Toolkit adds a cache-busting parameter to URLs. For example, you use URLUtils.url to construct a URL with a parameter like this: URLUtils.url(”Pipeline-Start”) + “?param=value”.

The resulting URL is

The URL doesn’t work as expected and can cause problems in the storefront depending on where you use it.

Use URLUtils as in this example to pass in a URL parameter: URLUtils.url("Pipeline-Start", "param", "value").

When you use the Storefront Toolkit, the resulting URL is The URL has the & character instead of ? before param. When you don’t use the Storefront Toolkit, the resulting URL is

The Storefront Toolkit disappears after you click a link.

Check to see if you’re using links that include a target=”_top” attribute, as in this example:

<a href="/example/link" target="_top">An example link</a>

The target=”_top” attribute causes the browser to open the link in the topmost frame, resulting in the Storefront Toolkit not being visible.

The storefront doesn’t appear in the Storefront Toolkit, or the toolbar of the Storefront Toolkit doesn’t appear.

ClickJack Protection or Anti-ClickJack scripts can cause these errors. ClickJacking is when a malicious actor displays your website in an iframe that the attacker controls. The attacker can intercept input events to see the information, such as passwords or credit card numbers, that a user enters.

Instead of using scripts, to prevent clickjacking, include the following HTTP headers in your storefront: X-Frame-Options: DENY and Content-Security-Policy: frame-ancestors ‘none’.

Use the following code in your storefront to set these headers:

response.setHttpHeader("X-Frame-Options", "DENY");
response.setHttpHeader("Content-Security-Policy", "frame-ancestors 'none');
When you click a link from the Storefront Toolkit, you’re prompted to log in to the instance and the log in fails. Make sure you’re using the new Storefront Toolkit. The deprecated version of the Storefront Toolkit doesn’t work reliably in combination with Unified Authentication.
Clicking an "Edit Content Asset in Business Manager" link opens the creation dialog for a new content asset instead of the edit dialog for the existing one.

Look for the Page Marker in your custom code:

<!-- dwMarker="content" dwContentID="${pdict.Content.UUID}" -->

The expression used for the dwContentID may be different. Make sure that expression actually evaluates to the UUID of the content asset.

You tried all the solutions, but the Storefront Toolkit still doesn't work. Disable and clear the page cache.
X Privacy Update: We use cookies to make interactions with our websites and services easy and meaningful, to better understand how they are used. By continuing to use this site you are giving us your consent to do this. Privacy Policy.