Visa checkout javascript not working in chrome

arifkhadrani
Regular Visitor

Visa checkout javascript not working in chrome

I am using Visa checkout Sandbox. And once I click on Visa Checkout button, popup appears. But popup is completely blank.

 

It is giving below error

Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://sandbox.secure.checkout.visa.com') does not match the recipient window's origin ('https://avisuk.local.avistest.net:8443'). in sdk.js:13150 

 

Can you pleae help me out in this

6 REPLIES 6
jvenkata
Community Moderator

Re: Visa checkout javascript not working in chrome

Hi,

 

We are looking into this inquiry. Will keep you posted shortly.

 

Thanks,

Jai

jvenkata
Community Moderator

Re: Visa checkout javascript not working in chrome

Hi,

 

Thank you for your inquiry. In order to assist you better, can you please provide us with the correlation ID,the email address associated with the Visa Checkout Developer Account as well which SDK version and for which operating system are you trying to implement? 

 

To confirm is this only happening in Chrome and on the web view not on a mobile device. Has you tried any other browsers?

 

Since we need your email id, please share the above to developer@visa.com , so we can take it forward accordingly.

 

Thanks,

Jai

arifkhadrani
Regular Visitor

Re: Visa checkout javascript not working in chrome

Hi,

 

I have sent required details asked, from my email address, Kindly have a look into it.

 

Thank you,

arifkhadrani
Regular Visitor

Re: Visa checkout javascript not working in chrome

Same issue is happening with other browsers as well

surajgoel
Helper

Re: Visa checkout javascript not working in chrome

Getting the same error.
Please help if you have any solution.

Thanks

Re: Visa checkout javascript not working in chrome

Hello,

 

It's true, this is a valid issue with the newest versions of Chrome. 

 

The X-Frame-Options directives are deprecated, the modern alternative is the Content-Security-Policy header, which along with many other policies can white-list what URLs are allowed to host your page in a frame, using the frame-ancestors directive, frame-ancestors supports multiple domains and even wildcards.

 

One way to resolve this issue, on Apache for example, is to use the following in your .htaccess file:

Header set Content-Security-Policy "frame-ancestors 'self' *.YOUR_WEBSITE.com *.visa.com"

Or for a specific file: 

<Files YOUR_CHECKOUT_PAGE.html>
Header set Content-Security-Policy "frame-ancestors 'self' *.YOUR_WEBSITE.com *.visa.com"
</Files>

 



Powered by NexWebSites.com