Rafa
March 8, 2023, 11:29am
1
I added a paypal to my website using javascript sdk (server is using Django)
There is no problem to load that website using Html:Dialog and display paypal functions.
After click it I have new window like this:
I wonder if there is a way to allow paypal to open iframe from SketchUP.
ps. everything is working fine when I am using standalone browser
DaveR
March 8, 2023, 12:15pm
2
Why are you adding a PayPal window in SketchUp?
Your profile says you are using SketchUp 2017 Make.
Rafa
March 8, 2023, 2:31pm
3
Thanks for joining the discussion!
Why are you adding a PayPal window in SketchUp?
We are developing plugin which is connected with the web platform.
user makes building using our plugin
load the project into web (using html:dialog)
we want add paypal integration to unlock files which is used to fabricate the model
I was wondering if it is possibility to do this in html:dialog.
Your profile says you are using SketchUp 2017 Make.
I installed 2022 trial to check if the problem is still exists. (2017 have pretty old browser)
DaveR
March 8, 2023, 2:35pm
4
Since you’re using SketchUp commercially–developing commercial extensions with it, you should be using SketchUp Pro, not Make.
2 Likes
tt_su
March 8, 2023, 3:11pm
5
UI::HtmlDialog doesn’t support the HTML page creating a new window. If the PayPal checkout require that you probably have to redirect the user to a normal browser window for that payment process.
1 Like
What you tried was a cross origin request. See …
Cross-origin resource sharing (CORS) is a mechanism that allows restricted resources on a web page to be requested from another domain outside the domain from which the first resource was served.
A web page may freely embed cross-origin images, stylesheets, scripts, iframes, and videos. Certain "cross-domain" requests, notably Ajax requests, are forbidden by default by the same-origin security policy. CORS defines a way in which a browser and server can interact to determine whether it is safe t...
The Chrome Embedded Framework (used by the UI::HtmlDialogmore secure than a normal Chrome browser.
CEF enforces same-origin policy because (I think) the dialog pages have the origin http://localhost.
In computing, the same-origin policy (SOP) is an important concept in the web application security model. Under the policy, a web browser permits scripts contained in a first web page to access data in a second web page, but only if both web pages have the same origin. An origin is defined as a combination of URI scheme, host name, and port number. This policy prevents a malicious script on one page from obtaining access to sensitive data on another web page through that page's Document Object Mo...
1 Like
You could have your dialog open a webpage in the user’s default browser using the UI.openURL()
1 Like
Rafa
March 9, 2023, 9:29am
8
Thanks for detailed information!
CEF enforces same-origin policy because (I think) the dialog pages have the origin http://localhost .
It was using test server, so it was not localhost, but that was nice guess.
In summary… probably I will upgrade workflow to use UI.openURL() instead.
Thanks for all answers!
1 Like
