All geek questions in one place

X-Frame-Options prohibits redirection to PayPal

I have a payment system that will not be redirected to paypal due to the error: "Refusal to display the document because the display is prohibited using X-Frame-Options." The form submits and the correct redirect URL is generated, but there is no response to PayPal requests:

This redirects correctly to the following request: https://www.sandbox.paypal.com/webscr&cmd=_express-checkout&token=xxx

This does not show the answer: https://www.sandbox.paypal.com/us/cgi-bin/webscr?cmd=_flow&SESSION=xxx&dispatch=xxx

If I cut and pasted the first request into the browser, it is redirected to paypal, but when starting from the application (in Chrome), an X-Frame-Options error appears. (or in Firefox, nothing)

+6
source share
6 answers

This means that Paypal does not allow the use of Paypal in an iframe. You should not use Payapl in an iframe.

+3
source

I am getting the same issue with Sandbox, and I found that it was fixed after deleting all * .paypal.com cookies.

+3
source

Just add: target = "_ blank" to form

+1
source

In my case, it was a mismatch of the environment name [sandbox / production] with clientId

+1
source

If you want to run Express Checkout in iFrame, see "Digital Products for Express Payment": https://cms.paypal.com/us/cgi-bin/?cmd=_render-content&content_ID=developer/e_howto_api_IntroducingExpressCheckoutDG

You will need to enable it in the sandbox by the PayPal Tech team before you can use it.

0
source

I am currently working with paypal. At first you might think, “Hey tons of dock! Yay!”, But actually it's SAVING. Tons of document that suggest that you already know what you're looking for. Try the following JS code (you should have already called the setExpressCheckout method and have a token):

$(document).ready(function() { //asynchronously fetch paypal javascript jQuery.getScript('https://www.paypalobjects.com/js/external/dg.js', function(){console.debug("javascript loaded");}); }); //the handler that opens the iframe should be the following. This code assumes token variable has already been initalized var dg = new PAYPAL.apps.DGFlow({trigger:null, expType:"light"}); dg.startFlow('https://www.sandbox.paypal.com/incontext?token=' +token);

The only thing I needed here was for the correct F *** NG URL to use for testing (sandbox environment).

By the way, before testing, make sure that you are logged into your sandbox account;)

0
source

Source: https://habr.com/ru/post/896412/

More articles:


All Articles