Jump to content

Paypal commerce platform 1.4.0 issues


Richard1967

Recommended Posts

Good call cleared the cookies but still no change?

Not sure if this helps?

right clicked on error message window to inspect

gtag.js:40 Refused to load the script 'https://www.googleadservices.com/pagead/conversion_async.js' because it violates the following Content Security Policy directive: "script-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-eval' 'unsafe-inline'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.

Link to comment
Share on other sites

Had this from Pay pal Al

 

I suggested making sure you are using the latest version as mentioned at https://www.cubecart.com/extensions/plugins/paypal-commerce and also contacting Cubecart to verify with there is an issue with the onboarding flow as the process of redirecting to the onboarding flow after logging into your PayPal account is controlled by the partner's onboarding integration.

Please verify this and let me know.

Regards,
Magarvin
PayPal Merchant Technical Support


 

Link to comment
Share on other sites

Update to latest version today & there is a new issue with the platform

Will not recognise my pay pal email or password via the linking process, however I can login to pay pal as usual via the website & app still?

Image attached

I've logged it with pay pal also

paypal issues.jpg

Link to comment
Share on other sites

  • 1 month later...

I don't think this is an issue with our integration. If it were it would be more likely that the error would show when the modal window first loads. 

You PayPal account isn't suspended or anything is it? Maybe you can try registering under a new email address.

The fact you can get as far as you can on paypal hosted pages it doesn't feel like a CubeCart fault. 

Link to comment
Share on other sites

would this be the problem?

    • (Recommended) If you're using an allowlist for 'script-src', consider switching from an allowlist CSP to a strict CSP, because strict CSPs are more robust against XSS . See how to set a strict CSP .
    • Or carefully check that all of the blocked resources are trustworthy; if they are, include their sources in the CSP of your site. ⚠️Never add a source you don't trust to your site's CSP. If you don't trust the source, consider hosting resources on your own site instead.
  1. AFFECTED RESOURCES
    1. 1 directive
      1. Resource Status Directive Source Location
        https://www.googleadservices.com/pagead/conversion_async.js blocked script-src-elem gtag.js:40
    •  
      Learn more: Content Security Policy - Source Allowlists

gtag.js:40 Refused to load the script 'https://www.googleadservices.com/pagead/conversion_async.js' because it violates the following Content Security Policy directive: "script-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-eval' 'unsafe-inline'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...