#dmurdolo
gray sundial
sonic moss
Hello! What's up?
mystic garnet
Is anyone else getting this error on their local server when from trying to embed a pricing table? It is from this network request: https://js.stripe.com/v3/pricing-table-app.html?... (removed the additional parameters from the complete URL)
sonic moss
My Pricing Table test integration is working fine. Can you link me to the site where you're seeing this?
mystic garnet
It's not deployed yet, on the first attempt at embedding it using React
Running this locally in our application
sonic moss
Have you tried implementing the cross origin policy suggested?
mystic garnet
This is a response header, not a request header
sonic moss
Do you have these in your CSP? https://stripe.com/docs/payments/checkout/pricing-table#csp
mystic garnet
We had a similar problem with the Ready Player Me API, and they had to configure the Cross-Origin-Resource-Policy response header
I didn't see that part, let me have a try
mystic garnet
The response Content-Security-Policy header does seem to include both of those configurations
So my local server is not overwriting that
sonic moss
I'm not sure how else I can help without being able to see and interact with the site. CSP issues are tricky if I can't see exactly what's happening.
mystic garnet
We had the seemingly identical problem when we were embedding an iframe that loaded https://magnopus.readyplayer.me/avatar?frameApi into our application.
In the end they updated their response headers to include Cross-Origin-Resource-Policy: cross-origin
I will see if I can deploy a simple page that includes the pricing table component