dingkai031 | Stripe Developers | Page 1

spice turretBOT Dec 21, 2022, 4:57 AM

#

spark temple Dec 21, 2022, 4:59 AM

#

I'm afraid it's not possible to have extra step between confirmPayment and redirection

toxic veldt Dec 21, 2022, 4:59 AM

#

I see, thanks

spark temple Dec 21, 2022, 4:59 AM

#

No problem! Happy to help 😄

toxic veldt Dec 21, 2022, 5:59 AM

#

Hi, I would like to ask another question. Should I open another thread or continue discuss in here?

foggy cosmos Dec 21, 2022, 6:05 AM

#

👋 Taking over here and sure, what's your question

toxic veldt Dec 21, 2022, 6:09 AM

#

when returnUrl called in confirmPayment of Stripe element, I notice that in the header, cookie.. there's a __stripe_sid and __stripe_mid. Does stripe has a way to validate these id?

foggy cosmos Dec 21, 2022, 6:12 AM

#

That's the Fraud Prevention cookies, explained here: https://stripe.com/cookie-settings (Ctrl+F for "Fraud Prevention" then click "View cookies")

Stripe: Cookie Settings

toxic veldt Dec 21, 2022, 6:19 AM

#

ah I see, but is there a way. to validate these ids?
I have a flow that look like this :

When stripe elements confirm a successful payment
It will return to a url, let's call it status.php
in there I want to check, is the one that request is from stripe or not.

Since I see in the header there's __stripe_sid, I would like to use it to validate the request.

toxic veldt Dec 21, 2022, 7:20 AM

#

um hello?

foggy cosmos Dec 21, 2022, 7:21 AM

#

Hey sorry!

#

I don't think it's a good idea. There is no guarantee we will continue to use those Cookie. It's simply for the purpose of tracking on our side

#

To check if the request from Stripe you probably can look at referer (!?)

#dingkai031