There is a page with implemented payment request api, it has an Applepay button and everything works. But as soon as the page is embedded in the iframe, a SecurityError error occurs: Trying to start an Apple Pay session from a document with an different security origin than its top-level frame.
Attribute allowpaymentrequest = 'true'
The allowPaymentRequest property of the HTMLIFrameElement interface returns a Boolean indicating whether the Payment Request API may be invoked on a cross-origin iframe.
Both pages are https.
example.com:
const applePayMethod = {
supportedMethods: "https://apple.com/apple-pay",
data: {
version: 3,
merchantIdentifier: "somemerchantid",
merchantCapabilities: ["supports3DS",],
supportedNetworks: ["masterCard", "visa"],
countryCode: "US",
},
};
const paymentDetails = {
total: {
label: "My Merchant",
amount: { value: "27.50", currency: "USD" },
},
}
try {
const request = new PaymentRequest([applePayMethod], paymentDetails, {});
const response = await request.show();
const status = processResponse(response);
response.complete(status);
} catch (e) {
console.log(e)
}
code-with-iframe.com
<iframe allowpaymentrequest='true' src="https://example.com/" frameborder="0"></iframe>
