cancel
Showing results for 
Search instead for 
Did you mean: 

AcceptCore.js:3 Library is not coming from Accept CDN - Accept.js not working with Salesforce

Dear @Aaron and All,

 

We are trying to implement Accept.js to create a payment terminal in the back end of Salesforce under the new Lightning user interface. The Lightning UI implements a Content Security Policy that does not allow 3rd party Javascript files to be loaded from an external site. There is some documentation on this here. The Lightning UI will only load JS files that come from a Salesforce server (this is a 'Static Resource' in Salesforce' parliance). 

 

So, we tried copying the Accept.js into a local file that could be loaded from Salesforce' servers. In this case, we get the following errors from Accept.js:

 

When loading the library:

AcceptCore.js:3 Library is not coming from Accept CDN.

 

And when trying to call Accept.dispatchData():

0:{code: "E_WC_01", text: "Please include Accept.js library from cdn."}

 

So, we are stuck between a rock and a hard place. Even if Salesforce ever allows 3rd party JS libraries, it will be a while before that happens. Is there any other version of Accept.js that can work under a restrictive Content Security Policy, or when not loaded directly from Authorize.net? (Accept Hosted does not work in Salesforce' back end either). 

 

What can we do to find a way to get Accept.js working under these circumstances? 

 

Thanks and Best Regards,
Josh

 

BSYFDev1
Contributor
3 REPLIES 3

Even if you re-wrote Accept.js to use a local copy of AcceptCore.js, Authorize.net's API should reject the request when the scripts are not being loaded from thier server. 

 

One way on Salesforce is to use Apex classes and do direct payments:

https://c.na50.visual.force.com/apex/DoPayment

Powered by NexWebSites.com -
Certified Authorize.net developers
NexusSoftware
Trusted Contributor

Thanks. We're not too interested in rewriting Accept.js. But we would like to do everything client-side, so that the credit card numbers don't touch our servers.

 

That link looks like it goes to an internal web page, it's not accessible. 

That link should be https://nexweb-developer-edition.na50.force.com, it posts to the sandbox.

 

Another option would to create a payment processing microservice outside of SalesForce and update any necessary records at SalesForce via their API.

Powered by NexWebSites.com -
Certified Authorize.net developers