Cybersource Developer Community Cybersource Developer Community

RichardH · ‎09-08-2015

Use this thread to discuss changes to our Hosted Payment Form.

Richard

jruser · ‎09-08-2015

1. What time is this change taking place?

2. Has this change already been made in test?

3. What will happen if someone passes in HTML, etc. after you make your change? Will the page still work?

It looks like this removes any option to make the hosted form blend with the rest of the site.

RichardH · ‎09-08-2015

Hello @jruser

Yes, the change is already live in the sandbox.
Production will go live approximately 9pm Pacific
The payment form will continue to work, but we'll strip any custom html or MINT settings.

I would recommend reviewing KB A539 which provides more details on the change.

Richard

karenb · ‎09-09-2015

We received the "Important Authorize.Net Notification" e-mail just a few minutes before 5 PM telling us that "support for HTML tags, JavaScript and CSS" on the hosted payment form, receipt page and email receipts "will be disabled later tonight." I then came here and discovered that "later tonight" meant 9 PM. 5 PM to 9 PM was a paltry FOUR HOURS advance notice at the close of the day before our payment interface with customers was reduced to gibberish. What kind of customer service is that? The e-mail says it's to "increase security", but whatever security issue there might be is nothing new and certainly could have been forewarned far earlier than just four hours before. Richard's post on this forum was at 1:22 PM but his brief sentence "Use this thread to discusss changes to our Hosted Payment Form" was worthlessly vague prior to receiving the e-mail.

joatmon · ‎09-09-2015

This apparently disabled the captcha also, rendering my payment page non-functional. Less than 3 hours notice for me.

joatmon · ‎09-09-2015

Merchant sign in seems to be down now also. This reminds me of a couple of years ago when you just arbitrarily killed relay response with no notice.

afail · ‎09-09-2015

We use SIM and an IFRAME on our site for payment. We used the following CSS in the header:

html {overflow:hidden!important} to hide the scrollbar generated by the frame. Is there anyway to do this now?

RichardH · ‎09-09-2015

Hello @afail

@afail wrote:

We use SIM and an IFRAME on our site for payment. We used the following CSS in the header:

html {overflow:hidden!important} to hide the scrollbar generated by the frame. Is there anyway to do this now?

Try applying overflow:hidden; to your iFrame.

Richard

RichardH · ‎09-09-2015

Hello @joatmon

@joatmon wrote:

This apparently disabled the captcha also, rendering my payment page non-functional. Less than 3 hours notice for me.

We're not able to duplicate your issue. Are you testing in the sandbox or is this with your live production system?

Richard

afail · ‎09-09-2015

Hi Richard,

Thanks for the reply. I actually need to override gateway/content/PaymentForm.css

which contains

html{
   overflow-y:scroll;
   overflow-x:auto;
}

I thought of using jquery on my side to do this, but I am prohibited since it would be cross site scripting.

Is there anyway we could have the the overflow-y set to auto instead of scroll?

Cybersource Developer Community Cybersource Developer Community

Important Hosted Payment Form Discussion