christophercliff/flatmarket-server-heroku

Tokens created, but not being charged through Heroku

Opened this issue · 0 comments

victorfeight commented

Symptoms: When I update my website live, connect it to Netlify (HTTPS everywhere enabled), and I've got a flatmarket page set up at victorfeight.com/pay.

Creating a processing a charge correctly works with flatmarket-server.

However, when the site is live, and the Stripe token is sent to flatmarket-server-heroku app, I get the following error in the Firefox browser console when trying to process a payment:
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://vicstech-payment.herokuapp.com//. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing). (unknown)

Checking the Heroku log, it seems that a request is made:
2018-01-02T18:17:45.823040+00:00 heroku[web.1]: State changed from down to starting
2018-01-02T18:17:47.414202+00:00 heroku[web.1]: Starting process with command node ./node_modules/flatmarket-server/lib/start
2018-01-02T18:17:51.746904+00:00 heroku[web.1]: State changed from starting to up
2018-01-02T18:17:52.988688+00:00 heroku[router]: at=info method=OPTIONS path="//" host=vicstech-payment.herokuapp.com request_id=5b2e8b77-8ec4-4f73-9c36-86192e7c6ce1 fwd="69.181.242.173" dyno=web.1 connect=0ms service=48ms status=404 bytes=303 protocol=https

But it gets a 404 status (probably due to the CORS error).

At this point there are no charges under the Stripe gross payment. I'm using Stripe's test api keys to connect the Heroku app with flatmarket.

My heroku settings:
CORS_ORIGINS: ["https://www.victorfeight.com"]
SCHEMA_URI: https://www.victorfeight.com/pay/flatmarket.json
STRIPE_SECRET_KEY: sk_test_*********************

My flatmarket.json relevant parts:
},
"server": {
"host": "vicstech-payment.herokuapp.com"
},
"stripe": {
"allowRememberMe": false,
"panelLabel": "Buy now {{amount}}",
"publishableKey": "pk_test_*****************"
}
}

Should I be using a pathname under "server" config? (If so, what should this be set to?)

My live website is here: http://www.victorfeight.com/pay
And my github for the code is here: https://github.com/victorfeight/vicstech/tree/master/pay

Any advice on configuring CORS correctly so that Heroku will work nicely with Netlify, Github, and Stripe?