Closed 0x1eef closed 6 years ago
Can you still reproduce? For me, the paypal button opens without errors.
Ghostery 8.2.3 (with all blocking rules enabled) Chrome 68.0.3440.106 OS: Linux
@philipp-classen i can no longer reproduce. any clues what might have changed?
@r-obert Your error message mentioned Response for preflight is invalid (redirect)
. That indicates it was a CORS problem.
We had a bug on that accidentally stripped origin
headers from requests, which are needed for the CORS protocol. That bug was fixed in the last release. Now we will only modify requests from the extension itself, as it was originally intended.
The fix itself came in the updated browser-core dependence.
I incorrectly reported it to Braintree: braintree/braintree-web#383
But this is still an issue that I’m experiencing and can be reproduced here: https://developers.braintreepayments.com/guides/drop-in/overview/javascript/v3#demo
For whatever reason, Ghostery intercepts the request and replaces braintree-web
with ghostery
:
Look like it's being removed by Anti-Tracking.
@sammacbeth could you take a look?
Looks like another false positive. I've whitelisted this one and am working on improving the detection.
@sammacbeth @christophertino this bug is back, in its original form:
Failed to load https://api.sandbox.braintreegateway.com/merchants/gnmt5b5pn9mcnyw2/client_api/v1/configuration?tokenizationKey=sandbox_cqwnq4cc_gnmt5b5pn9mcnyw2&_meta%5BmerchantAppId%5D=staging-4-77b8e3a311bcb6ec5e96.privateinternetaccess.com&_meta%5Bplatform%5D=web&_meta%5BsdkVersion%5D=3.21.0&_meta%5Bsource%5D=client&_meta%5Bintegration%5D=custom&_meta%5BintegrationType%5D=custom&_meta%5BsessionId%5D=49c3f159-eb36-44db-8f4f-43542c7829c2&braintreeLibraryVersion=braintree%2Fweb%2F3.21.0&configVersion=3: Response for preflight is invalid (redirect)
button.js.erb:84 Error creating client: BraintreeError: Cannot contact the gateway at this time.
This is still happening. Ghostery for Chrome version 8.2.4
URL: https://api.braintreegateway.com/merchants/....
Returns 307 from Ghostery. Non-Authoritative-Reason: Delegate
Please read the CONTRIBUTING guide before submitting an issue.
Description
Ghostery blocks requests made to braintree through its client-side javascript SDK. This prevents a user from completing the checkout flow with Ghostery enabled.
Expected Behavior
I expected that Ghostery would not block a request made to Braintree.
Actual Behavior
Ghostery blocked a request to braintree.
Steps to Reproduce
Versions