wf:redirect to https://www.sandbox.paypal.com/checkoutnow does not work

[Anton Prokofiev]

Hello,

 I try to integrate my project with PayPal.

And I need to redirect user to PayPal site to confirm payment.

I have code:

process_cmd(#{type := cmd_confirm_payment_request,redirect_url := Url} = _Cmd) ->
    ?LOG(notice,"Redirect Url: ~p",[Url]),
  wf:redirect(Url);

...

Code is executed but no redirect happened.

Any Idea?

[Jesse Gumm]

Hi Anton,

That's really bizarre.

Do you see any javascript errors in the browser JS console (F12, pick console tab) when the redirect is supposed to happen?

If not, try typing this directly into the browser JS console:

window.location="https://www.sandbox.paypal.com/checkoutnow"

When you type that and press enter, does the redirect happen?

-Jesse

--
You received this message because you are subscribed to the Google Groups "Nitrogen Project / The Nitrogen Web Framework for Erlang" group.
To unsubscribe from this group and stop receiving emails from it, send an email to nitrogenweb...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/nitrogenweb/8508f388-b0dd-4e6e-9e83-9dfee93d03a0n%40googlegroups.com.

--

Jesse Gumm
Owner, Sigma Star Systems
414.940.4866 || sigma-star.com || @jessegumm

[Anton Prokofiev]

Hello, Jesse,

This is output from web console when I start Nitrogen App:

Some cookies are misusing the recommended “sameSite“ attribute 2

Cookie “newcookie” will be soon rejected because it has the “sameSite” attribute set to “none” or an invalid value, without the “secure” attribute. To know more about the “sameSite“ attribute, read https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite case_nr

Cookie “newcookie” will be soon rejected because it has the “sameSite” attribute set to “none” or an invalid value, without the “secure” attribute. To know more about the “sameSite“ attribute, read https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite case_nr

Layout was forced before the page was fully loaded. If stylesheets are not yet loaded this may cause a flash of unstyled content. jquery.js:4:29551

Websockets Enabled

When I type in web console:

window.location="https://www.sandbox.paypal.com/checkoutnow?token=37233153VB7689727"

Browser is redirected, and I get following messages:

Websockets disabled or disconnected nitrogen.min.js:1:17880

GEThttps://www.sandbox.paypal.com/checkoutnow?token=37233153VB7689727[HTTP/1.1 200 OK 4065ms]

Content Security Policy: Ignoring “'unsafe-inline'” within script-src or style-src: nonce-source or hash-source specified

GEThttps://www.paypalobjects.com/web/res/a2c/7966ec8c5fce102e9f368f235bcdf/js/lib/modernizr-2.6.1.js[HTTP/2 200 OK 118ms]

GEThttps://www.paypalobjects.com/web/res/a2c/7966ec8c5fce102e9f368f235bcdf/css/contextualLogin.css[HTTP/2 200 OK 120ms]

GEThttps://www.paypalobjects.com/web/res/40f/264f98d5d1f113e33bd9c3be2bba5/js/xhr-ads.min.js[HTTP/2 200 OK 95ms]

This page uses the non standard property “zoom”. Consider using calc() in the relevant property values, or using “transform” along with “transform-origin: 0 0”. checkoutnow

GEThttps://www.paypalobjects.com/web/res/a2c/7966ec8c5fce102e9f368f235bcdf/js/lib/fn-sync-telemetry-min.js[HTTP/2 200 OK 29ms]

GEThttps://www.paypalobjects.com/images/shared/glyph_alert_critical_big-2x.png[HTTP/2 200 OK 30ms]

GEThttps://www.paypalobjects.com/images/shared/icon-PN-check.png[HTTP/2 200 OK 21ms]

Content Security Policy: Ignoring “'unsafe-inline'” within script-src or style-src: nonce-source or hash-source specified

Content Security Policy: Ignoring “'unsafe-inline'” within script-src or style-src: nonce-source or hash-source specified

GEThttps://www.paypalobjects.com/pa/js/min/pa.js[HTTP/2 200 OK 31ms]

GEThttps://www.paypalobjects.com/web/res/a2c/7966ec8c5fce102e9f368f235bcdf/js/checkout-split.js[HTTP/2 200 OK 26ms]

GEThttps://www.paypalobjects.com/images/shared/paypal-logo-129x32.svg[HTTP/2 200 OK 29ms]

GEThttps://www.paypalobjects.com/images/shared/icon-sprite2-2x.png[HTTP/2 200 OK 23ms]

GEThttps://www.paypalobjects.com/images/shared/sprite_forms_2x.png[HTTP/2 200 OK 28ms]

GEThttps://www.paypalobjects.com/pa/mi/miconfig.js[HTTP/2 200 OK 28ms]

GEThttps://www.paypalobjects.com/en_US/i/icon/pp_favicon_x.ico[HTTP/2 200 OK 22ms]

GEThttps://www.paypalobjects.com/webstatic/icon/pp64.png[HTTP/2 200 OK 22ms]

Content Security Policy: The page’s settings blocked the loading of a resource at data:application/font-woff2;base64,d09GM… (“font-src”).

GEThttps://www.paypalobjects.com/pa/mi/3p/gtag/gtag.js[HTTP/2 200 OK 31ms]

GEThttps://www.paypalobjects.com/pa/mi/3p/gtag/analytics.js[HTTP/2 200 OK 28ms]

GEThttps://www.google.com/pagead/conversion_async.js[HTTP/2 200 OK 43ms]

Some cookies are misusing the recommended “sameSite“ attribute 3

Request to access cookie or storage on “<URL>” was blocked because it came from a tracker and content blocking is enabled. 2

GEThttps://googleads.g.doubleclick.net/pagead/viewthroughconversion/1006288171/?random=1614248619328&cv=9&fst=1614248619328&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=800&u_w=1280&u_ah=769&u_aw=1280&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oi4f0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.sandbox.paypal.com%2Fcheckoutnow%3Ftoken%3D37233153VB7689727&ref=http%3A%2F%2Flocalhost%3A8085%2Fcase_nr&tiba=Loggen%20Sie%20sich%20bei%20PayPal%20ein&hn=www.google.com&async=1&rfmt=3&fmt=4[HTTP/2 200 OK 267ms]

Content Security Policy: The page’s settings blocked the loading of a resource at https://www.google.com/pagead/1p-user-list/1006288171/?random=1614248619328&cv=9&fst=1614247200000&num=1&bg=ffffff&guid=ON&u_h=800&u_w=1280&u_ah=769&u_aw=1280&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oi4f0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.sandbox.paypal.com%2Fcheckoutnow%3Ftoken%3D37233153VB7689727&ref=http%3A%2F%2Flocalhost%3A8085%2Fcase_nr&tiba=Loggen%20Sie%20sich%20bei%20PayPal%20ein&async=1&fmt=3&is_vtc=1&random=1885973280&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y (“img-src”). 1006288171:1:751

Content Security Policy: The page’s settings blocked the loading of a resource at https://www.google.de/pagead/1p-user-list/1006288171/?random=1614248619328&cv=9&fst=1614247200000&num=1&bg=ffffff&guid=ON&u_h=800&u_w=1280&u_ah=769&u_aw=1280&u_cd=24&u_his=4&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oi4f0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.sandbox.paypal.com%2Fcheckoutnow%3Ftoken%3D37233153VB7689727&ref=http%3A%2F%2Flocalhost%3A8085%2Fcase_nr&tiba=Loggen%20Sie%20sich%20bei%20PayPal%20ein&async=1&fmt=3&is_vtc=1&random=1885973280&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y (“img-src”). 1006288171:1:751

GEThttps://c.paypal.com/webstatic/r/fb/fb-all-prod.pp2.min.js[HTTP/2 200 OK 217ms]

Content Security Policy: Ignoring “'unsafe-inline'” within script-src or style-src: nonce-source or hash-source specified 3

Content Security Policy: Ignoring “'unsafe-inline'” within script-src or style-src: nonce-source or hash-source specified

Content Security Policy: Ignoring “'unsafe-inline'” within script-src or style-src: nonce-source or hash-source specified

Content Security Policy: The page’s settings blocked the loading of a resource at https://www.facebook.com/tr?id=1674696026155243&noscript=1&cd[FPTICookie]=73c93ddb1700a5d979737d09ffffd6e5&cd[MerchantTransaction]=NA&cd[P2PTransaction]=NA&ev=ViewContent (“img-src”). pa.js:2:4887

Content Security Policy: The page’s settings blocked the loading of a resource at https://www.facebook.com/tr?id=1674696026155243&noscript=1&cd[FPTICookie]=73c93ddb1700a5d979737d09ffffd6e5&cd[MerchantTransaction]=NA&cd[P2PTransaction]=NA&ev=ViewContent (“img-src”). pa.js:2:5088

Content Security Policy: The page’s settings blocked the loading of a resource at https://px.ads.linkedin.com/collect/?pid=2786969&fmt=gif (“img-src”). pa.js:2:4887

Content Security Policy: The page’s settings blocked the loading of a resource at https://px.ads.linkedin.com/collect/?pid=2786969&fmt=gif (“img-src”). pa.js:2:5088

Content Security Policy: The page’s settings blocked the loading of a resource at https://www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=662704034&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sandbox.paypal.com%2Fcheckoutnow&dr=http%3A%2F%2Flocalhost%3A8085%2Fcase_nr&ul=en-us&de=UTF-8&dt=Loggen%20Sie%20sich%20bei%20PayPal%20ein&sd=24-bit&sr=1280x800&vp=1268x630&je=0&_u=CCCACUABB~&jid=1360165717&gjid=1628467705&cid=1012954369.1582490535&tid=UA-53389718-12&_gid=1546725703.1614183696&_r=1&cd1=1012954369.1582490535&cd2=&cd3=0&cd4=https%3A%2F%2Fwww.sandbox.paypal.com%2Fcheckoutnow&cd5=de&cd6=de_DE&cd7=&cd10=unifiedloginnodeweb&cd19=100332%2C100732&cd20=100926%2C102335&cd22=main%3Aunifiedlogin%3A%3A%3Alogin&cd25=73c93ddb1700a5d979737d09ffffd6e5&cd26=0&gtm=2oi4f0&z=1703938146 (“img-src”). analytics.js:16:86

GEThttps://t.paypal.com/ts?v=1.4.30&t=1614248620044&g=-60&pgrp=main%3Aunifiedlogin%3A%3A%3Alogin&page=main%3Aunifiedlogin%3A%3A%3Alogin%3A%3A%3A&pgst=1614248616852&calc=dfb61874b2003&nsid=VCRm_YuNhLOJ_9joTHgX54tMLCieSkE1&rsta=de_DE&pgtf=Nodejs&env=sandbox&s=ci&ccpg=DE&csci=646c05c8cb6d4c97a9e467779e1c2892&comp=unifiedloginnodeweb&tsrce=checkoutuinodeweb&cu=1&gacook=1012954369.1582490535&ef_policy=gdpr_v2.1&c_prefs=T%3D1%2CP%3D1%2CF%3D1%2Ctype%3Dexplicit_banner&xe=100332%2C100732&xt=100926%2C102335&transition_name=ss_prepare_pwd_ot&fltk=37233153VB7689727&flid=37233153VB7689727&ctx_login_ot_content=0&obex=checkout&landing_page=login&state_name=begin_pwd&ctx_login_content_fetch=success&ctx_login_ctxid_fetch=success%7Cparse-success&ctx_login_lang_footer=shown&ctx_login_cancel_url=shown&ctx_login_onetouch=shown&ctx_login_signup_btn=shown%7CpayWithCard&ctx_login_intent=checkout&ctx_login_flow=Express%20checkout&ctx_login_state_transition=login_loaded&post_login_redirect=returnUri&ret_url=%2Fwebapps%2Fhermes&sl_status=NOT_LINKED&e=im&imsrc=setup&view=%7B%22t10%22%3A638%2C%22t11%22%3A5544%2C%22tcp%22%3A4383%2C%22nt%22%3A%22navigate%22%2C%22bt%22%3A52%7D&pt=Loggen%20Sie%20sich%20bei%20PayPal%20ein&ru=http%3A%2F%2Flocalhost%3A8085%2Fcase_nr&cd=24&sw=1280&sh=800&dw=1280&dh=800&bw=1280&bh=630&ce=1&t1=635&t1c=635&t1d=32&t1s=385&t2=2949&t3=530&t4d=1841&t4=1882&t4e=9&tt=5491&rdc=0&res=%7B%7D[HTTP/1.1 200 OK 237ms]

GEThttps://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/webstatic/r/fb/fb-all-prod.pp2.min.js[HTTP/2 200 OK 35ms]

Content Security Policy: Ignoring “'unsafe-inline'” within script-src or style-src: nonce-source or hash-source specified 2

GEThttps://b.stats.paypal.com/v1/counter.cgi?r=cD0zNzIzMzE1M1ZCNzY4OTcyNyZpPTM3LjIwMS4yMjQuMTA3JnQ9MTYxNDI0ODYxNy4yNzUmYT0yMSZzPVVOSUZJRURfTE9HSU5SS2Gu1V2WkAbmkXIOFyUqYaiwzw[HTTP/1.1 302 Found 238ms]

Content Security Policy: Ignoring “'unsafe-inline'” within script-src or style-src: nonce-source or hash-source specified

GEThttps://c.paypal.com/webstatic/r/fb/fb-all-prod.pp2.min.js[HTTP/2 200 OK 46ms]

GEThttps://c.paypal.com/v1/r/d/b/w?&f=37233153VB7689727&s=UL_CHECKOUT_INPUT_PASSWORD&d=%7B%22ts1pf%22%3A%7B%22psu%22%3Afalse%2C%22val%22%3Atrue%7D%2C%22ts2pf%22%3A%7B%22psu%22%3Afalse%2C%22val%22%3Atrue%7D%7D[HTTP/2 204 No Content 236ms]

GEThttps://c6.paypal.com/v1/r/d/b/p3?f=37233153VB7689727&s=UL_CHECKOUT_INPUT_PASSWORD[HTTP/2 200 OK 290ms]

GEThttps://dub.stats.paypal.com/v1/counter2.cgi?r=cD0zNzIzMzE1M1ZCNzY4OTcyNyZpPTM3LjIwMS4yMjQuMTA3JnQ9MTYxNDI0ODYxNy4yNzUmYT0yMSZzPVVOSUZJRURfTE9HSU5SS2Gu1V2WkAbmkXIOFyUqYaiwzw[HTTP/1.1 200 OK 178ms]

[Anton Prokofiev]

Fixed!!

Just changed code to:

process_cmd(#{type := cmd_confirm_payment_request,redirect_url := Url} = _Cmd) ->
    ?LOG(notice,"Redirect Url: ~p",[Url]),

    wf:redirect(Url),
    wf:flush();

Now it works.

Any idea why do I need  wf:flush()?

My page use comet pool, could it be related to it?

[Jesse Gumm]

Yup, that's exactly it.

If that function is being run in a comet loop, wf:flush() tells the comet pool to send the commands to the client.  Otherwise, the wired commands remain buffered on the server until the comet process ends.

-Jesse

To view this discussion on the web visit https://groups.google.com/d/msgid/nitrogenweb/b0c5328b-93d5-4e15-b787-9f4eb82bc439n%40googlegroups.com.