开发者

X-Frame-Options forbidding redirect to PayPal

开发者 https://www.devze.com 2023-04-01 16:18 出处:网络
I\'ve got a payment system that won\'t redirect to paypal because of the error: \"Refused to display document because display forbidden by X-Frame-Options.\"The form is posted and the proper redirect

I've got a payment system that won't redirect to paypal because of the error: "Refused to display document because display forbidden by X-Frame-Options." The form is posted and the proper redirect url is made, but there is no response returned from the paypal queries:

This redirects properly to the next query: https://www.sand开发者_如何学JAVAbox.paypal.com/webscr&cmd=_express-checkout&token=xxx

This shows no response: https://www.sandbox.paypal.com/us/cgi-bin/webscr?cmd=_flow&SESSION=xxx&dispatch=xxx

If I cut and paste the first query into the browser, it redirects to paypal, when running from the application (in Chrome) however, I get the X-Frame-Options error. (or in Firefox, nothing)


This means that Paypal doesn't allow you to use Paypal in an iframe. You should not use Payapl in an iframe.


I am getting the same issue with Sandbox and I found that it fixed after I remove all *.paypal.com cookies.


Just add: target="_blank" to form


In my case, it was mismatching environment name [sandbox/production] with clientId


If you want to run Express Checkout in an iFrame, see Digital Goods for Express Checkout: https://cms.paypal.com/us/cgi-bin/?cmd=_render-content&content_ID=developer/e_howto_api_IntroducingExpressCheckoutDG

You'll need to have it turned on in the sandbox by PayPal's Tech team before you can use it.


I'm currently working with paypal. You could, at first, think "Hey! tons of doc!! yay!", but it actually SUCKS. Tons of doc that assume you already know what you're looking for. Try the following JS code (you should have already invoked setExpressCheckout method and have a token):

$(document).ready(function() {
    //asynchronously fetch paypal's javascript
    jQuery.getScript('https://www.paypalobjects.com/js/external/dg.js', function(){console.debug("javascript loaded");});
});

//the handler that opens the iframe should be the following. This code assumes token variable has already been initalized
var dg = new PAYPAL.apps.DGFlow({trigger:null, expType:"light"});
dg.startFlow('https://www.sandbox.paypal.com/incontext?token=' +token);

The only thing I needed here whas the F***NG correct URL to use for testing (sandbox environment).

By the way, make sure you are logged in into your sandbox account before testing ;)

0

精彩评论

暂无评论...
验证码 换一张
取 消