javascript - AJAX http request and squarespace shopping cart -


i'm working on squarespace site, not allow server-side scripting. can use javascript, need update purchase tax information 3rd party app before product submitted payment processor, , send information transaction response tax app.

both payment processor , tax processor have decent api's. here documentation how if have access backend: http://dev.taxcloud.net/2013/10/03/taxcloud-js_stripe/. basically, need figure out how reverse engineer php script handled javascript while not triggering cross-site scripting warnings if possible.

also, there way store api keys securely. if use javascript http request, it's going have pull out key, right? don't want give every client access key.

anyway, want to:

-make sure possible.

-make sure not gross breach of security.

-see if can give me leads on start , security things watch out for

to knowledge squarespace not support cors there not lot of alternatives besides jsonp. there of course security concerns long keep ssl , isolate php server script access domain store users information or web pages should fine.

  1. ensure have forced https in header of squarespace site.
  2. write javascript script on own created squarespace page grabs request variables zipcode, amount etc , jsonp request php function on own server (https).
  3. your key should on server in script , php function call 3rd party api, tax info , return in callback of function squarespace site.

heres example: simple jquery, php , jsonp example?


Comments

Post a Comment

Popular posts from this blog

javascript - Bootstrap Popover: iOS Safari strange behaviour -

i looking through twitter bootstrap documentation, , i'm interested in implementing dismissible popover when button clicked. here example bootstrap's docs: http://getbootstrap.com/javascript/#dismiss-on-next-click when press "dismissible popover" button os x safari browser works fine. when access same link above ios safari, button not work. is, popover not dismissed on click. why button not working ios safari? the example linked using data-trigger="focus" attribute. try changing data-trigger="click" . <a tabindex="0" class="btn btn-lg btn-danger" role="button" data-toggle="popover" data-trigger="click" title="dismissible popover" data-content="and here's amazing content. it's engaging. right?">dismissible popover</a>
Read more

Magento/PHP - Get phones on all members in a customer group -

i working on custom magento extension. working around adminhtml part , i've created custom form there. here form code: <?php class vivasindustries_smsnotification_block_adminhtml_sms_sendmass_edit_form extends mage_adminhtml_block_widget_form { public function _preparelayout() { $extensionpath = mage::getmoduledir('js', 'vivasindustries_smsnotification'); $head = $this->getlayout()->getblock('head'); $head->addjs('jquery.js'); $head->addjs('vivas.js'); return parent::_preparelayout(); } protected function _prepareform() { $form = new varien_data_form(array( 'id' => 'edit_form', 'action' => $this->geturl('*/*/save', array('id' => $this->getrequest()->get...
Read more

session - Logging Out Using PHP -

i have seen other programs regarding can't seem make work. doing wrong? want achieve after user logged out, going previous pages become restricted. i have 3 php files: 1. sample.php - main page username , password filled in 2. successful.php - user's page after logging in 3. logout.php - destorys session hinder user access pages after logging out sample.php </html> <form action="" method="post"> <table> <tr> <td>username:</td> <td>password:</td> </tr> <tr> <td><input type="text" name="username"></td> <td><input type="password" name="password"></td> </tr> <tr> <td><input type="submit" value="submit" name="submit"></td> </tr> </table> </form> </html> <?php $servername = "localhost"; $username = ...
Read more