daniel_3ds-csp | Stripe Developers | Page 1

mystic wyvernBOT Aug 7, 2025, 10:56 PM

#

👋 Welcome to your new thread!

⏲️ We'll be here soon! Typically we respond in a few minutes, but sometimes we might take a bit longer if the server is busy or if you have a particularly tricky question.

⏱️ We close idle threads, which makes them read-only. Once a thread is closed it won't be reopened, but you can always start a new thread if you have another question.

🔗 This thread will always be available, even after it's closed. You can find it again using Discord's search, or you can save this link: https://discord.com/channels/841573134531821608/1403149792644960286

📝 Have more to share? Add more details, code, screenshots, videos, etc. below.

#

gaunt veldt Aug 7, 2025, 10:56 PM

#

daniel_3ds-csp

#

CSP depends how you integrate and we document it here: https://docs.stripe.com/security/guide#content-security-policy

nimble yew Aug 7, 2025, 11:00 PM

#

The main point of concern which i’ve just been Googling for the past hour is issues with the different banks iFrames etc on the 3DSecure challenge screen… i’m hoping Stripe handles this much better

#

For instance, i can’t individually whitelist all the banks across the world 😂

gaunt veldt Aug 7, 2025, 11:02 PM

#

we handle all of this for you

nimble yew Aug 7, 2025, 11:04 PM

#

So basically if i whitelist all the ones in that doc you linked for me… i should be good as Stripe basically has a iFrame within an iFrame to handle the CSP redirect etc

gaunt veldt Aug 7, 2025, 11:04 PM

#

yes

nimble yew Aug 7, 2025, 11:05 PM

#

That is fantastic ❤️ i can now put Google down hehe

#

Thanks for the clarification 🏅

gaunt veldt Aug 7, 2025, 11:06 PM

#

sure thing

nimble yew Aug 7, 2025, 11:07 PM

#

It seems like on other payment providers, people are turning off the CSP on the payment pages to handle this… isn’t that crazy 😂😂

#daniel_3ds-csp