Hi Vince,

We've got an issue with our Paypal checkout refusing to connect to clear payments.

It appears to be the same issue as another recent forum post relating to another payment provider.

We've asked Paypal for tech help but I think this might be ECT related...

We are running v7.7.2 , MySQL v8.0.4 and PHP v8.1.30

Domain is https://www.homerads.com

https://www.homerads.com/temp/Screenshot_2024-09-25_at_21.37.08.png

In Chrome, we can see errors...

5Refused to execute inline event handler because it violates the following Content Security Policy directive: "script-src 'nonce-blahblahblah' 'self' <URL> <URL> 'unsafe-inline'". Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list.
Understand this error
Refused to execute inline event handler because it violates the following Content Security Policy directive: "script-src 'nonce-blahblahblah' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'". Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list.

(anonymous) @ framework.js:13166Understand this error
Refused to execute inline event handler because it violates the following Content Security Policy directive: "script-src 'nonce-blahblahblah' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'". Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list.

(anonymous) @ framework.js:13166Understand this error
Refused to execute inline event handler because it violates the following Content Security Policy directive: "script-src 'nonce-blahblahblah' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'". Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list.

(anonymous) @ framework.js:13166Understand this error
Refused to execute inline event handler because it violates the following Content Security Policy directive: "script-src 'nonce-blahblahblah' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'". Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list.

(anonymous) @ framework.js:13166Understand this error
jquery.min.js:2 Refused to execute inline event handler because it violates the following Content Security Policy directive: "script-src 'nonce-blahblahblah' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'". Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list.

(anonymous) @ jquery.min.js:2
Show 1 more frame
Show lessUnderstand this error
creq:2822 Uncaught TypeError: Cannot read properties of undefined (reading 'getElementsByTagName')
at onBodyLoad (creq:2822:31)
at setCookies (creq:3051:5)
at onload (creq:3109:30)

Hi Homerads
So do I understand correctly that in general payments work correctly and it's just for the extra verification steps that this is happening? I don't like passing the buck but the thing is, these PayPal buttons aren't generated by us so I would really need PayPal to get involved in this so as you've contacted them maybe it would be an idea to wait until we get a reply.
I don't think the version you are on is an issue by the way, but there have been a lot of improvements to PayPal Checkout since v7.7.2 and we're on v7.7.6 now.

Vince

Click Here for Shopping Cart Software
Click Here to sign up for our newsletter
Click Here for the latest updater

Hi Vince,

I will perhaps try to get our code updated to v7.7.6

Paypal support are on it but not as good as you! We've actually signed up for Braintree as well so this might be an easier fix.

I believe the issue arises when the 3D secure is triggered, so not where a Paypal account is used.

I will post back if I get a fix sorted.

Thanks

David

Homrerads.com and HomeSupply.co.uk