topic Re: Authorize.net Accept.js Hosted - Invalid Setting Value. hostedPaymentReturnOptionsurl must begin in Integration and Testing

Authorize.net Accept.js Hosted - Invalid Setting Value. hostedPaymentReturnOptionsurl must begin wit

danfbach1 — Thu, 08 Dec 2022 17:48:27 GMT

I also posted this on stackoverflow, but haven't gotten any action. https://stackoverflow.com/questions/74733569/authorize-net-accept-js-hosted-invalid-setting-value-hostedpaymentreturnoptio

I just started getting this error today from my authorize.net API implementation and it is preventing customers from making to the payment page.

I'm using the authorize.net API SDK.

My return option URLs are formatted as such:

$success_url = "https://" . $_SERVER['HTTP_HOST'] . "/payment/cc_authorizenet_accept_hosted.php?r=$soidhash";
$cancel_url = "https://" . $_SERVER['HTTP_HOST'] . "/payment/cc_authorizenet_accept_hosted.php?r=$coidhash";

Then put into an array of options:

 $payment_options = array(
        'hostedPaymentSecurityOptions'          =>  "{\"captcha\": false}",
        'hostedPaymentStyleOptions'             =>  "{\"bgColor\": \"#C00\"}",
        'hostedPaymentShippingAddressOptions'   =>  "{\"show\": false, \"required\": true}",
        'hostedPaymentBillingAddressOptions'    =>  "{\"show\": false, \"required\": true}",
        'hostedPaymentButtonOptions'            =>  "{\"text\": \"Submit Secure Payment\"}",
        'hostedPaymentOrderOptions'             =>  "{\"show\": true, \"merchantName\": \"Lee Precision, Inc.\"}",
        'hostedPaymentPaymentOptions'           =>  "{\"cardCodeRequired\": true, \"showCreditCard\": true,\"showBankAccount\": false}",
        'hostedPaymentReturnOptions'            =>  "{\"showReceipt\": true,\"url\": \"{$success_url}\", \"urlText\": \"Get Receipt\", \"cancelUrl\": \"{$cancel_url}\", \"cancelUrlText\": \"Cancel/Continue Shopping\"}"
    );

Then options added using API SDK:

   foreach ($payment_options as $k => $v) {
        $aSetting = new AnetAPI\SettingType();
        $aSetting->setSettingName($k);
        $aSetting->setSettingValue($v);
        $request->addToHostedPaymentSettings($aSetting);
    }

This implementation has been working for about two years, and I have not changed any of the code since then, so I'm not sure if their API is having an issue? Status page says everything is working.

Is there a way on authorize.net to review API requests to see what they are receiving from my server?

Re: Authorize.net Accept.js Hosted - Invalid Setting Value. hostedPaymentReturnOptionsurl must begin

VeraciTek — Mon, 12 Dec 2022 18:06:34 GMT

Hi anyone that visits this thread (we'll try to update all the threads we're aware of). We had this problem and just resolved it. Here are some tips:

1. localhost is NO LONGER ALLOWED, that is not in the error, but it produces that error.
2. the errors are stacked in an array. so look at all of them, not just one of them like we were.

The 2nd above was our issue, we assumed wrongly that the hostedPaymentIFrameCommunicatorUrlurl error would not be on the stack if it were not an issue. It was fine... but our hostedPaymentReturnOptions setting was not fine. We didn't use that setting for anything and just had some static relative urls in that setting. As soon as we corrected that it worked again.

The disabling of localhost has thrown a monkey wrench for developers that requires creating bogus local dns settings that are not localhost as well as issuing certs for those. So if you're using webpack, or anything that automatically generates a localhost cert, you're going to have to work around it with the 12/7 update. I sure hope we're solving some big vulnerability here with the localhost issue because this sure won't be convenient.

Re: Authorize.net Accept.js Hosted - Invalid Setting Value. hostedPaymentReturnOptionsurl must begin

shalva_step — Thu, 02 Feb 2023 17:27:32 GMT

Hi,

Is there anything mentioned in documentation that localhost is not supported anymore?

I have the same issue only in local environment...