#florin_code

hollow crest
#

👋 happy to help

#

`stripe.confirmCardPayment(clientSecret, {card: cardElement})` doesn't submit the card details in plain sight

#

behind the scenes we tokenize the cardDetails and we send them tokenized, otherwise we wouldn't be PCI compliant

fossil hull
#

this is on the confirm API call

hollow crest
#

this data is sent directly to Stripe for tokenization and it has multiple security measures taken to make sure no one can see the transmitted data

#

we're PCI compliant and certified so you don't need to worry about that

fossil hull
#

I understand that, but for example if a user is on my website and looks at the network tab he can see this request, is this safe?

hollow crest
#

yes since they were behind that request

fossil hull
#

ok then, thanks

hollow crest
#

you should be afraid of man-in-the-middle attacks in these situations

fossil hull
#

yea, that's what I was thinking about kinda

hollow crest
#

that's not a man-in-the-middle attack

#

that's just looking at the data you sent, it's the same as looking at the screen, since the data was displayed on the screen anyways