I'm trying to perform a paypal express checkout payment using credit card, however the code below is throwing an error. The payment is done, I can see it in my sandbox account, however it freezes with the following error:
Refused to display 'http://ift.tt/2mL4jSn' in a frame because it set 'X-Frame-Options' to 'SAMEORIGIN'.
data:,:1 Unrecognized Content-Security-Policy directive 'reflected-xss'.
I kinda get that this seems to be a CORS related issue, but why is the script redirecting from sandbox.paypal.com to paypal.com ?
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
body {
width: 35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
}
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/> Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
<div id="paypal-button" style="text-align: center"></div>
<script src="http://ift.tt/2aJUIDS"></script>
<!-- http://ift.tt/2mL8CNH -->
<input type="radio" name="payment_method" value="paypal" checked> Paypal Account
<input type="radio" name="payment_method" value="credit_card"> Credit/Debit Card
<script>
document.getElementsByName('payment_method')[0].onclick =
document.getElementsByName('payment_method')[1].onclick = function (e) {
REST.payer.payment_method = this.value;
REST.payer.funding_instruments = funding_instruments[this.value];
console.log(REST);
}
var funding_instruments = {
paypal: [],
credit_card: [ // http://ift.tt/2mq6ZlM
{
credit_card: { // http://ift.tt/2mL5RM5
number: '4032038201146812', // http://ift.tt/1lzAnRb
// number: '4111111111111111',
type: 'visa',
expire_month: 4,
expire_year: 2022,
cvv2: 874,
first_name: 'Betsy',
last_name: 'Buyer',
billing_address: { // http://ift.tt/2mKYoNp
line1: '111 First Street',
city: 'Saratoga',
state: 'CA',
postal_code: '95070',
country_code: 'US'
}
}
}
]
}
var REST = {
intent: 'sale',
payer: { // http://ift.tt/2mq2jMJ
payer_info: { // http://ift.tt/2mq2jMJ
email: 'dragos.cirjan+PAYPAL-buyer@gmail.com',
first_name: 'Brian',
last_name: 'Robinson',
payer_id: '4083374655',
shipping_address: {
line1: '4th Floor',
line2: 'Unit #34',
city: 'San Jose',
state: 'CA',
postal_code: '95131',
country_code: 'US',
phone: '011862212345678',
recipient_name: 'Brian Robinson'
}
},
payment_method: 'paypal',
funding_instruments: []
},
transactions: [{
amount: {
total: '1.00',
currency: 'USD'
}
}],
redirect_urls: {
return_url: '/good',
cancel_url: '/bad'
}
};
paypal.Button.render({
env: 'sandbox', // Optional: specify 'sandbox' environment
client: {
sandbox: 'AeD69fQiT7U5YV_ar-1JSC3OKUrkevG805RlOZSk0FiAxju45BRtx50RXWRW1f2UVd1Wr0nytxFGpEbl',
production: 'xxxxxxxxx'
},
payment: function () {
var env = this.props.env;
var client = this.props.client;
if (!REST.payer.funding_instruments.length)
delete REST.payer.funding_instruments;
REST.payer.payer_info.last_name = REST.payer.payment_method;
console.log(JSON.stringify(REST));
return paypal.rest.payment.create(env, client, REST);
},
commit: true, // Optional: show a 'Pay Now' button in the checkout flow
onAuthorize: function (data, actions) {
console.log('THIS IS MY DATA', data, actions);
return actions.payment.execute().then(function () {
console.log('THIS IS MY DATA', arguments);
//window.location.pathname = data.returnUrl;
window.history.pushState(arguments[0], '', data.returnUrl);
});
}
}, '#paypal-button');
</script>
</body>
</html>
Aucun commentaire:
Enregistrer un commentaire