I have implemented an express checkout for digital goods using paypal on my site. I keep getting the cross scripting error in the javascript console. Everything seems to function properly, but my obsessive compulsive side is going nuts. I even tried to find active sites using it pp dg, and they seem to get the error as well. Check out http://digitalmagazine.autosport.com/ and try to buy something and (at least in Chrome) you should get this error in the console:
Unsafe JavaScript attempt to access frame with URL http://digitalmagazine.autosport.com/ from frame with URL (link ommitted) Domains, protocols and ports must match.
I guess my question is: is there any way to avoid this error? Is it like this by design? Surely paypal developers would have noticed this. Does it pose any security threat? Thanks.
