MozillaFoundation / donate-wagtail

[Legacy] - Wagtail based donation stack
Mozilla Public License 2.0

CSP error in donate site #1678

Closed cdanfon closed 1 year ago

cdanfon commented 2 years ago

Following completion of tickets #1677 & #1673 the Digital Marketing team at TBX have tested the changes.

An error is showing in the console for https://donate-wagtail.mofostaging.net/en-GB/

See attached Screenshot 2022-07-26 at 14.02.23.png

danielfmiranda commented 2 years ago

Hi everyone! Just wanted to leave some findings from @mtdenton and me here for whoever works on this ticket.

It turns out, these 3 errors are not being generated by our code, but instead by a random inline script (that has no effect on the functionality of payment processing) that is being used by the braintree/paypal package.

Since these scripts are bundled in the package itself, there is no way for us to access them and pass in the nonce value.

According to the documentation, if we upgrade braintree/paypal, we can then load the PayPal SDK manually like so:

<!-- Load the PayPal JS SDK -->
<script src="https://www.paypal.com/sdk/js?client-id=your-sandbox-or-prod-client-id"></script>

<!-- Load the Braintree components -->
<script src="https://js.braintreegateway.com/web/3.85.3/js/client.min.js"></script>
<script src="https://js.braintreegateway.com/web/3.85.3/js/paypal-checkout.min.js"></script>

which, according to the PayPal documentation, lets us pass in the nonce like so:

<script src="https://www.paypal.com/sdk/js?client-id=test" data-csp-nonce="xyz-123"></script>

However, this would be a significant effort and, as mentioned above, nothing is broken with the payment processing, so we are going to put off the upgrade until needed.
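Added example (not code from the donate-wagtail project or from the commenter above): a minimal model of the failure described in this issue. A nonce-based `script-src` policy allows the external SDK file by host, but an inline script the SDK injects at runtime is blocked because it carries no nonce; once the page passes its nonce via `data-csp-nonce`, the SDK can copy that nonce onto the scripts it injects and the policy allows them. The policy hosts, the `Script` model and the assumption that the SDK copies `data-csp-nonce` onto injected scripts are illustrative; the real donate-wagtail policy is not shown in the issue.

```python
"""Added example (not donate-wagtail code): why a nonce-based CSP blocks an
SDK-injected inline script, and what propagating the nonce changes."""
import base64
import secrets
from dataclasses import dataclass
from typing import Dict, Optional, Set, Tuple

# Hypothetical policy for the donate page. The hosts are the ones the SDK
# snippets in the issue load from; the real policy is not shown in the issue.
ALLOWED_SCRIPT_HOSTS = ("https://www.paypal.com", "https://js.braintreegateway.com")


def new_nonce() -> str:
    """Fresh per-response nonce: 128 random bits, base64 (CSP expects base64)."""
    return base64.b64encode(secrets.token_bytes(16)).decode("ascii")


def script_src_header(nonce: str) -> str:
    """Build the Content-Security-Policy header value for one response."""
    sources = " ".join(("'self'", f"'nonce-{nonce}'") + ALLOWED_SCRIPT_HOSTS)
    return f"script-src {sources}"


@dataclass
class Script:
    """A <script> element as the browser's CSP check sees it."""
    src: Optional[str] = None    # None means an inline script
    nonce: Optional[str] = None  # value of the element's nonce attribute, if any


def parse_script_src(header: str) -> Tuple[Set[str], Set[str]]:
    """Return (allowed nonces, allowed https origins) from a script-src directive."""
    nonces: Set[str] = set()
    hosts: Set[str] = set()
    for directive in header.split(";"):
        parts = directive.split()
        if not parts or parts[0] != "script-src":
            continue
        for source in parts[1:]:
            if source.startswith("'nonce-") and source.endswith("'"):
                nonces.add(source[len("'nonce-"):-1])
            elif source.startswith("https://"):
                hosts.add(source)
    return nonces, hosts


def allowed_by_csp(header: str, script: Script) -> bool:
    """Simplified script-src check: a script with a listed nonce is allowed;
    otherwise inline scripts are blocked and external scripts must come from a
    listed host. 'self' and 'unsafe-inline' are deliberately not modelled."""
    nonces, hosts = parse_script_src(header)
    if script.nonce is not None and script.nonce in nonces:
        return True
    if script.src is None:
        return False  # inline without a valid nonce: the console errors in the issue
    return any(script.src.startswith(host + "/") for host in hosts)


def paypal_sdk_tag(client_id: str, nonce: Optional[str]) -> str:
    """Render the SDK tag from the issue, optionally with data-csp-nonce."""
    tag = f'<script src="https://www.paypal.com/sdk/js?client-id={client_id}"'
    if nonce:
        tag += f' data-csp-nonce="{nonce}"'
    return tag + "></script>"


def sdk_injected_inline_script(sdk_tag: str) -> Script:
    """Model the SDK's runtime behaviour: it appends an inline <script>, and
    (assumed here, per the docs cited in the issue) copies data-csp-nonce onto
    that script when the attribute is present."""
    marker = 'data-csp-nonce="'
    if marker in sdk_tag:
        start = sdk_tag.index(marker) + len(marker)
        return Script(src=None, nonce=sdk_tag[start:sdk_tag.index('"', start)])
    return Script(src=None, nonce=None)


def demo() -> Dict[str, bool]:
    """Evaluate the before/after situations against one response's policy."""
    nonce = new_nonce()
    header = script_src_header(nonce)
    before = sdk_injected_inline_script(paypal_sdk_tag("test", None))
    after = sdk_injected_inline_script(paypal_sdk_tag("test", nonce))
    return {
        "sdk_external_script": allowed_by_csp(
            header, Script(src="https://www.paypal.com/sdk/js?client-id=test")),
        "injected_inline_without_nonce": allowed_by_csp(header, before),
        "injected_inline_with_nonce": allowed_by_csp(header, after),
        "stale_nonce_rejected": allowed_by_csp(header, Script(src=None, nonce=new_nonce())),
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {'allowed' if ok else 'blocked'}")
```

The nonce must be generated per response and never cached with the page, or a previously served nonce stays valid for anything an attacker can inject later; the `stale_nonce_rejected` case shows that a nonce from another response does not satisfy the current policy.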

cdanfon commented 2 years ago

Hey @danielfmiranda this is great, thanks for adding the above explanation.

Further to your comment below, it feels like this can be put on hold for the time being and reviewed in the future:

> However, this would be a significant effort and, as mentioned above, nothing is broken with the payment processing, so we are going to put off the upgrade until needed.

cdanfon commented 2 years ago

The question/discussion is: do we want to invest time fixing this?

bheasman commented 2 years ago

I think the issue here is less that it's breaking payments and more that it's blocking GA, which is preventing us from setting up the donation funnel tracking in GA4. So I do think it'd be good to make a plan for this, unless there's a workaround that doesn't involve the PayPal/Braintree upgrade (which seems a high-effort approach, is that right @danielfmiranda?)

cdanfon commented 1 year ago

completed via #1673