search

MONEI / MONEI-AdobeCommerce-Magento2

MONEI Payments Adobe Commerce (Magento 2) Official Module
https://monei.com
Other
1 stars 4 forks source link

feat: add Monei frame-src CSP whitelist entry #58

Closed ccorreia64 closed 3 months ago

ccorreia64 commented 3 months ago

To enable the MONEI checkout functionality in Magento 2.4.7, the csp_whitelist.xml file includes a frame-src policy. This policy adds 'js.monei.com' to the list of allowed sources for iframe content. The relevant section in the XML file is:

<policy id="frame-src">
    <values>
        <value id="monei" type="host">js.monei.com</value>
    </values>
</policy>

This addition to the Content Security Policy (CSP) whitelist ensures that the MONEI JavaScript can be loaded within an iframe during the checkout process, allowing for seamless integration of the MONEI payment gateway.

Otherwise, the credit card cannot be entered, giving this error in the console.

image
jimmyn commented 3 months ago

Thanks for your contribution @ccorreia64!