Reply
Contributor
Posts: 11
Registered: ‎01-03-2019

The target origin provided ('our domain') does not match the recipient window's origin ('auth.net do

We are having the same issue as in this post: https://community.developer.authorize.net/t5/Integration-and-Testing/AUthorize-net-hosted-payment-pa...

 

From reading that post, we have tried applying the content-security-policy via web.config file (asp.net/IIS) is not working. We are passing a paymentProfileId in the token.

 

  • We are still seeing the error in the console.
    • Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('our domain') does not match the recipient window's origin ('auth.net domain')
  • The payment gets cut off and is not the correct size so you cannot see all of the fields.
  • The purchase window does not close after a purchase.

Example of web.config:


<httpProtocol>
<customHeaders>
<add name="Content-Security-Policy" value="frame-ancestors 'self' https://localhost:44300 *.ourdomain.com *.authorize.net" />
</customHeaders>
</httpProtocol>


We have even tried with the Content-Security-Policy-Report-Only but still no luck, it acts the same. 

 

What can we do when the content-security-policy is not working?

Posts: 478
Topics: 0
Kudos: 93
Blog Posts: 0
Ideas: 0
Solutions: 38
Registered: ‎04-28-2017

Re: The target origin provided ('our domain') does not match the recipient window's origin ('auth.ne

Hello,

 

Try the following in your Web.config

<system.webServer>
  <httpProtocol>
<customHeaders>
<add name="Content-Security-Policy" value="frame-ancestors 'self' *.YOUR_WEBSITE.com *.authorize.net;" />
</customHeaders>
</httpProtocol> </system.webServer>
Powered by NexWebSites.com -
Certified Authorize.net developers
Contributor
Posts: 11
Registered: ‎01-03-2019

Re: The target origin provided ('our domain') does not match the recipient window's origin ('auth.ne

I'm pretty sure we've tried that but let me give it another go and post back, thank you for the suggestion!