Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Google's pay.js is triggering an error for certain users, but it's not exposed because of CORS restrictions #866

Closed
psyklopz opened this issue Feb 10, 2023 · 5 comments
Closed

Google's pay.js is triggering an error for certain users, but it's not exposed because of CORS restrictions #866

psyklopz opened this issue Feb 10, 2023 · 5 comments

Comments

@psyklopz
Copy link

General information

  • SDK/Library version: 1.33.7, 1.34.0 and previous versions
  • Environment: Both
  • Browser and OS: Affects 158 of our users in the last week, across all browsers, especially Safari and Mobile Safari

Issue description

Something within Google's pay.js is throwing an exception. However, because of CORS rules, (ie. the script is not being loaded with the crossorigin='anonymous' attribute, our crash reporting tools do not have access to the exception or to the stack trace.

It only shows in those systems as "Script error in pay.js".

A solution to this is available within Raygun's documentation, but because scripts are loaded on-demand from within the dropin component, we are not able to make this change.
https://raygun.com/documentation/language-guides/javascript/crash-reporting/script-errors/

  • Workarounds would be to load the scripts within the element, and set this flag ourselves, but it slows down the initial load of the page.
  • Or, we could compile our own version of the dropin, but we'd be required to re-build with every update.

Both of these have their downsides, and I think the best way is to resolve this in the component itself. It also makes addressing the root cause of the under-the-hood issue easier to resolve for others who are using crash reporting tools.

A PR is available with our suggested remedy:
#865
@psyklopz
Copy link
Author

Any interest in merging that PR?

@nidhinarendra
Copy link

Hi @psyklopz,
Thank you for the details you have provided here.
We will take a look at this and provide a feedback asap. (ticket #5875)

@nidhinarendra
Copy link

Hi @psyklopz
Have you successfully tested these changes? Based on our testing, it appears that the pay.google.com domain does not support CORS.

@nidhinarendra
Copy link

Hi @psyklopz
Do we have any update on the above?

@hollabaq86 hollabaq86 mentioned this issue Apr 14, 2023
Open
@nidhinarendra
Copy link

Since we haven't heard back from you, we are closing this issue. Please reach out to us if you have more questions in the future.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@psyklopz @nidhinarendra