dlabsnl
commented
3 months ago Im waiting for this also.
Closed TomMeijnaerts closed 1 month ago
dlabsnl
commented
3 months ago Im waiting for this also.
boldhedgehog
commented
3 months ago Please note, that inline scripts on the checkout will stop working if they are not rendered with the secure renderer.
More about this here: https://developer.adobe.com/commerce/php/development/security/content-security-policies/#whitelist-an-inline-script-or-style
<script>
require(['buckaroo/mrcash/pay'], function (mrcashPay) {
var transactionKey = "<?= /* @noEscape */ ($block->getTransactionKey()); ?>";
mrcashPay.setTransactionKey(transactionKey);
mrcashPay.showQrCode();
});
cancelPayment = function() {
require(['buckaroo/mrcash/pay'], function (mrcashPay) {
mrcashPay.cancelPayment();
});
}
</script>This should be either put into a variable or wrapped into ob_start() like this:
<?php
$key = $block->getTransactionKey();
$script = <<<JS
require(['buckaroo/payconiq/pay'], function (payconiqPay) {
var transactionKey = "$key";
payconiqPay.setTransactionKey(transactionKey);
payconiqPay.showQrCode();
});
cancelPayment = function() {
require(['buckaroo/payconiq/pay'], function (payconiqPay) {
payconiqPay.cancelPayment();
});
}
JS;
?>
<?= /* @noEscape */ $secureRenderer->renderTag('script', [], $script, false); ?>This was recently backported from 2.4.7 to older versions with the latest security patch and is enabled by default. After upgrade to 2.4.5-p8 inline script added in a conventional unsafe way stopped to work.
larsmbm
commented
2 months ago Could you please provide an update on this ticket? We're experiencing the same problem and would be grateful for any news.
Buckaroo-Rene
commented
1 month ago
We would like to roll out the update of magento 2.4.7 & php8.3 ... when will this extension have compatibility for those versions ?