I have implemented authorize .net iframe in my website and I am facing this issue CSP error
Help me with a solution to render my iframe. Earlier, it was working without any changes. I think its from authorize.net's side.
1
-
1Does this answer your question? Content security policy error when trying to frame Authorize.net hosted payment page– John CondeCommented May 23 at 12:14
Add a comment
|
1 Answer
Possible duplicate of Content security policy error when trying to frame Authorize.net hosted payment page.
I'm experiencing a similar issue with an iframe integration that was previously working but started failing overnight with an error indicating that https://test.authorize.net refused the connection because the frame-ancestors directive of the Content-Security-Policy header was set to 'none'.
UPDATE: This appears to have been resolved in the sandbox area overnight. I am no longer seeing a Content-Security-Policy header on the response when I POST to the https://test.authorize.net/customer/addPayment endpoint, and the issue is no longer occurring in my site. However, some have commented in the Authorize.net developer forum (link in update to question) that the issue is occurring for them in production today.
Best I can tell, Authorize.net started setting the frame-ancestors directive on the content security policy header in a manner incompatible with the iframe integration methods for their "Accept Hosted" endpoints and have now reverted that change.
