meterrel-embedded_checkout-errors | Stripe Developers | Page 1

flat stoneBOT Dec 15, 2023, 12:51 AM

#

violet harness Dec 15, 2023, 12:53 AM

#

Hello! That's... a good question! Let me see...

half sleet Dec 15, 2023, 12:54 AM

#

Thanks! And again, I can probably avoid giving checkout a bad secret, but I'm concerned there might be other similar conditions.

violet harness Dec 15, 2023, 12:57 AM

#

I think the best approach would be to check the status and expires_at values of the Checkout Session on your server before you provide the client secret to the frontend. If either of those has a problematic value (like a status of expired, or an expires_at in the near future) you can create a new Checkout Session instead.

#

That said, this does seem like a gap in Stripe.js. There should be some kind of callback or something. I'll flag this internally and see what we can do to improve the situation.

flat stoneBOT Dec 15, 2023, 12:59 AM

#

meterrel-embedded_checkout-errors

#

whole rose Dec 15, 2023, 1:01 AM

#

Hi @half sleet I'm taking over this thread

half sleet Dec 15, 2023, 1:01 AM

#

Ok, I can probably manage that.
Just for more context for the checkout team, in my case, this is caused by the user hitting the back button, where the client secret remains in the app state. So while it's definitely possible to handle this case, the naive implementation by a dev is somewhat likely to have this problem.

#

👋

violet harness Dec 15, 2023, 1:02 AM

#

That's great context, thanks! I'll relay that to the team.

#

Although I would recommend not keeping the client secret in any state.

#

You should always fetch it fresh from the server every time you need it.

half sleet Dec 15, 2023, 1:02 AM

#

Your React example definitely puts it in state 😉

#

But point taken

violet harness Dec 15, 2023, 1:02 AM

#

Welp. 😅

#

Will try to get that addressed!

#meterrel-embedded_checkout-errors