cancel
Showing results forย 
Search instead forย 
Did you mean:ย 

DPM payment relay response fails when third-party cookies are blocked

My PHP implementation of DPM is nearly complete. Relay response, however, fails when the browser blocks third-party cookies. My test server is using a temporary domain with a self-signed SSL certificate. I'll be updating DNS and purchasing an SSL certificate for the domain once I address this problem.

 

I don't understand why blocking third-party cookies would cause the relay response to fail. Does DPM use cookies?

 

One additional item to note is that I'm using the standard JavaScript redirect method shown in the DPM documentation to display a receipt page after processing the relay response.

 

 

ckieffer
Contributor
1 ACCEPTED SOLUTION

Accepted Solutions

I finally found the common thread in my form's failed tests - 123. I have two int fields which accept three or four digit values. While testing, we often just enter 123, which apparently is replaced with asterisk (*). I guess the concern is that 123 looks like a CVV value, which should never be submitted as a merchent-define field.

 

Original post: https://community.developer.authorize.net/t5/Integration-and-Testing/DPM-Additional-information-in-t...

View solution in original post

7 REPLIES 7

HTTPs with self-signed SSL certificate? that will be rejected.

Relay Response Basics and Troubleshooting

RaynorC1emen7
Expert

When I began testing, I had no problems. Relay responses were processed after I accepted the self-signed certifcate on the development server. It was only after blocking third-party cookies that I started having problems.

And this is testing against a sandbox account.

DPM is really a use case for SIM--you're disabling SIM's Hosted Payment Form and engaging in a few back-end tricks to make things appear seamless to the customer--and SIM does not use cookies at all.

 

However, while I don't believe the DPM SDK requires cookies, it might. I will confirm that later today.

--
"Move fast and break things," out. "Move carefully and fix what you break," in.
Lilith
Administrator Administrator
Administrator

I reviewed the PHP SDK code and there is nothing in there that sets a cookie.

Do you have an application like Fiddler, so you can see what's going on at the web session level? If not, you may want to give it a try: http://www.telerik.com/fiddler

--
"Move fast and break things," out. "Move carefully and fix what you break," in.

I haven't tried it, no. I'll give it a go.

I finally found the common thread in my form's failed tests - 123. I have two int fields which accept three or four digit values. While testing, we often just enter 123, which apparently is replaced with asterisk (*). I guess the concern is that 123 looks like a CVV value, which should never be submitted as a merchent-define field.

 

Original post: https://community.developer.authorize.net/t5/Integration-and-Testing/DPM-Additional-information-in-t...