wf:redirect to https://www.sandbox.paypal.com/checkoutnow does not work

29 views
Skip to first unread message

Anton Prokofiev

unread,
Feb 24, 2021, 11:56:16 AMFeb 24
to Nitrogen Project / The Nitrogen Web Framework for Erlang

Hello,
 I try to integrate my project with PayPal.

And I need to redirect user to PayPal site to confirm payment.

I have code:

process_cmd(#{type := cmd_confirm_payment_request,redirect_url := Url} = _Cmd) ->
    ?LOG(notice,"Redirect Url: ~p",[Url]),
  wf:redirect(Url);
...


Code is executed but no redirect happened.

Any Idea?



Jesse Gumm

unread,
Feb 24, 2021, 12:07:16 PMFeb 24
to nitrogenweb
Hi Anton,

That's really bizarre.

Do you see any javascript errors in the browser JS console (F12, pick console tab) when the redirect is supposed to happen?

If not, try typing this directly into the browser JS console:

window.location="https://www.sandbox.paypal.com/checkoutnow"

When you type that and press enter, does the redirect happen?

-Jesse

--
You received this message because you are subscribed to the Google Groups "Nitrogen Project / The Nitrogen Web Framework for Erlang" group.
To unsubscribe from this group and stop receiving emails from it, send an email to nitrogenweb...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/nitrogenweb/8508f388-b0dd-4e6e-9e83-9dfee93d03a0n%40googlegroups.com.


--
Jesse Gumm
Owner, Sigma Star Systems
414.940.4866 || sigma-star.com || @jessegumm

Anton Prokofiev

unread,
Feb 25, 2021, 5:27:27 AMFeb 25
to Nitrogen Project / The Nitrogen Web Framework for Erlang
Hello, Jesse,

This is output from web console when I start Nitrogen App:

Some cookies are misusing the recommended “sameSite“ attribute 2
Cookie “newcookie” will be soon rejected because it has the “sameSite” attribute set to “none” or an invalid value, without the “secure” attribute. To know more about the “sameSite“ attribute, read https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite case_nr
Cookie “newcookie” will be soon rejected because it has the “sameSite” attribute set to “none” or an invalid value, without the “secure” attribute. To know more about the “sameSite“ attribute, read https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite case_nr
Layout was forced before the page was fully loaded. If stylesheets are not yet loaded this may cause a flash of unstyled content. jquery.js:4:29551
Websockets Enabled


When I type in web console:

Browser is redirected, and I get following messages:

Websockets disabled or disconnected nitrogen.min.js:1:17880
Content Security Policy: Ignoring “'unsafe-inline'” within script-src or style-src: nonce-source or hash-source specified
This page uses the non standard property “zoom”. Consider using calc() in the relevant property values, or using “transform” along with “transform-origin: 0 0”. checkoutnow
Content Security Policy: Ignoring “'unsafe-inline'” within script-src or style-src: nonce-source or hash-source specified
Content Security Policy: Ignoring “'unsafe-inline'” within script-src or style-src: nonce-source or hash-source specified
Content Security Policy: The page’s settings blocked the loading of a resource at data:application/font-woff2;base64,d09GM… (“font-src”).
Some cookies are misusing the recommended “sameSite“ attribute 3
Request to access cookie or storage on “<URL>” was blocked because it came from a tracker and content blocking is enabled. 2
Content Security Policy: Ignoring “'unsafe-inline'” within script-src or style-src: nonce-source or hash-source specified 3
Content Security Policy: Ignoring “'unsafe-inline'” within script-src or style-src: nonce-source or hash-source specified
Content Security Policy: Ignoring “'unsafe-inline'” within script-src or style-src: nonce-source or hash-source specified
Content Security Policy: The page’s settings blocked the loading of a resource at https://www.facebook.com/tr?id=1674696026155243&noscript=1&cd[FPTICookie]=73c93ddb1700a5d979737d09ffffd6e5&cd[MerchantTransaction]=NA&cd[P2PTransaction]=NA&ev=ViewContent (“img-src”). pa.js:2:4887
Content Security Policy: The page’s settings blocked the loading of a resource at https://www.facebook.com/tr?id=1674696026155243&noscript=1&cd[FPTICookie]=73c93ddb1700a5d979737d09ffffd6e5&cd[MerchantTransaction]=NA&cd[P2PTransaction]=NA&ev=ViewContent (“img-src”). pa.js:2:5088
Content Security Policy: The page’s settings blocked the loading of a resource at https://px.ads.linkedin.com/collect/?pid=2786969&fmt=gif (“img-src”). pa.js:2:4887
Content Security Policy: The page’s settings blocked the loading of a resource at https://px.ads.linkedin.com/collect/?pid=2786969&fmt=gif (“img-src”). pa.js:2:5088
Content Security Policy: The page’s settings blocked the loading of a resource at https://www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=662704034&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sandbox.paypal.com%2Fcheckoutnow&dr=http%3A%2F%2Flocalhost%3A8085%2Fcase_nr&ul=en-us&de=UTF-8&dt=Loggen%20Sie%20sich%20bei%20PayPal%20ein&sd=24-bit&sr=1280x800&vp=1268x630&je=0&_u=CCCACUABB~&jid=1360165717&gjid=1628467705&cid=1012954369.1582490535&tid=UA-53389718-12&_gid=1546725703.1614183696&_r=1&cd1=1012954369.1582490535&cd2=&cd3=0&cd4=https%3A%2F%2Fwww.sandbox.paypal.com%2Fcheckoutnow&cd5=de&cd6=de_DE&cd7=&cd10=unifiedloginnodeweb&cd19=100332%2C100732&cd20=100926%2C102335&cd22=main%3Aunifiedlogin%3A%3A%3Alogin&cd25=73c93ddb1700a5d979737d09ffffd6e5&cd26=0&gtm=2oi4f0&z=1703938146 (“img-src”). analytics.js:16:86
GEThttps://t.paypal.com/ts?v=1.4.30&t=1614248620044&g=-60&pgrp=main%3Aunifiedlogin%3A%3A%3Alogin&page=main%3Aunifiedlogin%3A%3A%3Alogin%3A%3A%3A&pgst=1614248616852&calc=dfb61874b2003&nsid=VCRm_YuNhLOJ_9joTHgX54tMLCieSkE1&rsta=de_DE&pgtf=Nodejs&env=sandbox&s=ci&ccpg=DE&csci=646c05c8cb6d4c97a9e467779e1c2892&comp=unifiedloginnodeweb&tsrce=checkoutuinodeweb&cu=1&gacook=1012954369.1582490535&ef_policy=gdpr_v2.1&c_prefs=T%3D1%2CP%3D1%2CF%3D1%2Ctype%3Dexplicit_banner&xe=100332%2C100732&xt=100926%2C102335&transition_name=ss_prepare_pwd_ot&fltk=37233153VB7689727&flid=37233153VB7689727&ctx_login_ot_content=0&obex=checkout&landing_page=login&state_name=begin_pwd&ctx_login_content_fetch=success&ctx_login_ctxid_fetch=success%7Cparse-success&ctx_login_lang_footer=shown&ctx_login_cancel_url=shown&ctx_login_onetouch=shown&ctx_login_signup_btn=shown%7CpayWithCard&ctx_login_intent=checkout&ctx_login_flow=Express%20checkout&ctx_login_state_transition=login_loaded&post_login_redirect=returnUri&ret_url=%2Fwebapps%2Fhermes&sl_status=NOT_LINKED&e=im&imsrc=setup&view=%7B%22t10%22%3A638%2C%22t11%22%3A5544%2C%22tcp%22%3A4383%2C%22nt%22%3A%22navigate%22%2C%22bt%22%3A52%7D&pt=Loggen%20Sie%20sich%20bei%20PayPal%20ein&ru=http%3A%2F%2Flocalhost%3A8085%2Fcase_nr&cd=24&sw=1280&sh=800&dw=1280&dh=800&bw=1280&bh=630&ce=1&t1=635&t1c=635&t1d=32&t1s=385&t2=2949&t3=530&t4d=1841&t4=1882&t4e=9&tt=5491&rdc=0&res=%7B%7D[HTTP/1.1 200 OK 237ms]
Content Security Policy: Ignoring “'unsafe-inline'” within script-src or style-src: nonce-source or hash-source specified 2
Content Security Policy: Ignoring “'unsafe-inline'” within script-src or style-src: nonce-source or hash-source specified

Anton Prokofiev

unread,
Feb 25, 2021, 5:51:49 AMFeb 25
to Nitrogen Project / The Nitrogen Web Framework for Erlang
Fixed!!

Just changed code to:

process_cmd(#{type := cmd_confirm_payment_request,redirect_url := Url} = _Cmd) ->
    ?LOG(notice,"Redirect Url: ~p",[Url]),
    wf:redirect(Url),
    wf:flush();


Now it works.

Any idea why do I need  wf:flush()?

My page use comet pool, could it be related to it?

Jesse Gumm

unread,
Feb 25, 2021, 9:22:29 AMFeb 25
to nitrogenweb
Yup, that's exactly it.

If that function is being run in a comet loop, wf:flush() tells the comet pool to send the commands to the client.  Otherwise, the wired commands remain buffered on the server until the comet process ends.

-Jesse

Reply all
Reply to author
Forward
0 new messages