PayPal Smart Payment Buttons And SSL issue

7 个月 前
when i wanna pay, it doesn't allow me to login to Paypal. what I should do to solve it?

i get this error:
Some of your info isn't correct. Please try again.

i checked the error in the browser:


Refused to load the image 'https://www.facebook.com/tr?id=1674696026155243&noscript=1&cd[FPTICookie]=f3aee6c416f0a4a315e3b511ffffffff&ev=ViewContent' because it violates the following Content Security Policy directive: "img-src 'self' https://*.googleusercontent.com/ https://*.paypalobjects.com https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net https://*.paypal.com".

signin?intent=checkout&ctxId=xo_ctx_1N260099DB784690P&returnUri=%2Fwebapps%2Fhermes&state=%3Fflow%3D1-P%26ulReturn%3Dtrue%26sessionID%3D446027ac9f_mdq6ntm6mty%26buttonSessionID%3D18bf75bccf_mdu6mdm6mda%26fundingSource%3Dpaypal%26buyerCountry%3DDE%26locale.x%3Den_US%26clientID%3DATnNS8DMmU3aMaa_B_vyQP1oA3f1UmmFYFlGKXRnGwHL32N_z7sd4P6WF4QdjqTuXVfLVnHZADvBQ6uX%26env%3Dsandbox%26sdkMeta%3DeyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVRuTlM4RE1tVTNhTWFhX0JfdnlRUDFvQTNmMVVtbUZZRmxHS1hSbkd3SEwzMk5fejdzZDRQNldGNFFkanFUdVhWZkxWbkhaQUR2QlE2dVgmY3VycmVuY3k9RVVSJmludGVudD1jYXB0dXJlJmNvbW1pdD1mYWxzZSZ2YXVsdD1mYWxzZSZkZWJ1Zz1mYWxzZSIsImF0dHJzIjp7ImRhdGEtcGFydG5lci1hdHRyaWJ1dGlvbi1pZCI6Ik5PUF9DYXJ0X1NQQiJ9fQ%26xcomponent%3D1%26version%3D5.0.137%26token%3D1N260099DB784690P%26nxlr%3Dtrue&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVRuTlM4RE1tVTNhTWFhX0JfdnlRUDFvQTNmMVVtbUZZRmxHS1hSbkd3SEwzMk5fejdzZDRQNldGNFFkanFUdVhWZkxWbkhaQUR2QlE2dVgmY3VycmVuY3k9RVVSJmludGVudD1jYXB0dXJlJmNvbW1pdD1mYWxzZSZ2YXVsdD1mYWxzZSZkZWJ1Zz1mYWxzZSIsImF0dHJzIjp7ImRhdGEtcGFydG5lci1hdHRyaWJ1dGlvbi1pZCI6Ik5PUF9DYXJ0X1NQQiJ9fQ&locale.x=undefined_US&country.x=US&flowId=1N260099DB784690P:1 Refused to load the image 'https://www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=2055239312&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sandbox.paypal.com%2Fsignin%3Fintent%3Dcheckout%26ctxId%3Dxo_ctx_1N260099DB784690P%26returnUri%3D%252Fwebapps%252Fhermes%26state%3D%253Fflow%253D1-P%2526ulReturn%253Dtrue%2526sessionID%253D446027ac9f_mdq6ntm6mty%2526buttonSessionID%253D18bf75bccf_mdu6mdm6mda%2526fundingSource%253Dpaypal%2526buyerCountry%253DDE%2526locale.x%253Den_US%2526clientID%253DATnNS8DMmU3aMaa_B_vyQP1oA3f1UmmFYFlGKXRnGwHL32N_z...flowId%3D1N260099DB784690P&ul=en&de=UTF-8&dt=Log%20in%20to%20your%20PayPal%20account&sd=24-bit&sr=1500x1000&vp=496x625&je=0&_u=ACCACUABB~&jid=1827619018&gjid=234355511&cid=1749109093.1593869135&tid=UA-53389718-12&_gid=885898316.1594541723&_r=1&cd1=1749109093.1593869135&cd3=0&cd4=https%3A%2F%2Fwww.sandbox.paypal.com%2Fsignin%3Flocale.x%3Dundefined_US&cd5=us&cd6=en_US&cd8=&cd9=&cd10=unifiedloginnodeweb&cd22=main%3Aunifiedlogin%3A%3A%3Alogin&cd25=f3aee6c416f0a4a315e3b511ffffffff&cd26=0&gtm=2oi4f0&z=549984570' because it violates the following Content Security Policy directive: "img-src 'self' https://*.googleusercontent.com/ https://*.paypalobjects.com https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net https://*.paypal.com".

what it needs?
7 个月 前
do you know what is trying to load that facebook image?  I don't recall if PayPal allows FB authentication.  Have you modified your web dot config file with this whitelisted content-security-policy?

Content Security Policy : "img-src 'self' https://*.googleusercontent.com/ https://*.paypalobjects.com https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net https://*.paypal.com"
7 个月 前
af1racing wrote:
do you know what is trying to load that facebook image?  I don't recall if PayPal allows FB authentication.  Have you modified your web dot config file with this whitelisted content-security-policy?

Content Security Policy : "img-src 'self' https://*.googleusercontent.com/ https://*.paypalobjects.com https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net https://*.paypal.com"



thank you for your help.

how I should add it? i got an error with this change:
        <add name="Content-Security-Policy" value="default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';img-src 'self' https://*.googleusercontent.com/ https://*.paypalobjects.com https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net https://*.paypal.com" />
7 个月 前
It's unclear whether/why an image from facebook is required to load, but presumably it is this directive preventing it:  img-src 'self'

Assuming it is your config that has been modified, you can see the original config uses img-src * data: here:
https://github.com/nopSolutions/nopCommerce/blob/develop/src/Presentation/Nop.Web/web.config
7 个月 前
no, i didn't modify that. it is strange. it don't know from where it came. please check my website
https://www.fckia.net/

maybe you will figure out that.
7 个月 前
I was able to login to PP using my sandbox account without error and all of the xhr calls in the network tab were successful.  Are you sure you are trying to login with your sandbox testing account?
https://stackoverflow.com/questions/48204011/paypal-some-of-your-info-isnt-correct-please-try-again

7 个月 前
af1racing wrote:
  Are you sure you are trying to login with your sandbox testing account?


I'm using my private account to pay.

but I set the sandbox by my business account. i just create app and get the client id and secure key.