Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Bug]: Cannot obtain user data on checkout #4666

Closed
1 task done
lopezdp opened this issue Feb 19, 2023 · 3 comments · Fixed by #4721
Closed
1 task done

[Bug]: Cannot obtain user data on checkout #4666

lopezdp opened this issue Feb 19, 2023 · 3 comments · Fixed by #4721
Labels
need-info Requires more information

Comments

@lopezdp
Copy link

lopezdp commented Feb 19, 2023

What is your BTCPay version?

BTCPay Server v1.7.12+9344113ae

How did you deploy BTCPay Server?

AWS EC2

What happened?

I want to collect an email or shipping address in the point of sale

Screenshot 2023-02-19 at 5 39 15 PM

this is the error encountered on front end when data collection is set in point of sale

Screenshot 2023-02-19 at 5 41 14 PM

How did you encounter this bug?

configure either collect email or shipping address options and get error on ui

Relevant log output

2023-02-19 04:21:55.187 +00:00 [WRN] Error while contacting exchange coingecko: The operation was canceled.
2023-02-19 17:10:04.131 +00:00 [INF] BTC (Lightning): Start listening unix://etc/clightning_bitcoin/lightning-rpc
2023-02-19 17:40:48.303 +00:00 [INF] BTC (Lightning): No more invoice to listen on unix://etc/clightning_bitcoin/lightning-rpc, releasing the connection.

What browser do you use?

chrome and safari

Additional information

No response

Are you sure this is a bug report?

  • I confirm this is a bug report
@dennisreimann
Copy link
Member

I cannot reproduce this. Does the problem persist and are there more logs from the BTCPay Server container? The error above points to the exchange rate not being fetched.

@pavlenex pavlenex added the need-info Requires more information label Feb 22, 2023
@lopezdp lopezdp changed the title [Bug]: [Bug]: Cannot obtain user data on checkout Feb 28, 2023
@lopezdp
Copy link
Author

lopezdp commented Feb 28, 2023

I cannot reproduce this. Does the problem persist and are there more logs from the BTCPay Server container? The error above points to the exchange rate not being fetched.

@dennisreimann I just tested it and when I use the market place link directly it works, however when I use it in an iframe embedded in a website it crashes

this is the error I get:

Invalid 'X-Frame-Options' header encountered when loading 'https://btcpay.domain.com/': 'allow-all' is not a recognized directive. The header will be ignored.

im thinking its something along these lines:

https://stackoverflow.com/questions/73284217/x-frame-option-error-not-a-recognized-directive-the-header-will-be-ignored

im leaving the error on the page I have the implementation at: you can test it and see the error for yourself here: https://davidplopez.com

@dennisreimann dennisreimann mentioned this issue Feb 28, 2023
Merged
@NicolasDorier NicolasDorier reopened this Mar 1, 2023
@lopezdp
Copy link
Author

lopezdp commented Mar 1, 2023

@dennisreimann wondering if your solution causes any CORS issues down stream? not sure atm...

what release will this be a part of v1.8 maybe?

NicolasDorier added a commit that referenced this issue Mar 1, 2023
@dennisreimann @NicolasDorier
Unset X-Frame-Options header correctly (#4721)
23761ea 
* Unset X-Frame-Options header correctly

According to the [spec](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options) there are onlye the `DENY` and `SAMEORIGIN` options, `ALLOW-FROM` being deprecated. Hence we have to actively unset the header, as we made `DENY` the default.

This also unsets the X-Frame-Options header for the public form pages, which fixes #4666.

* Ignore anti forgery token in Forms

---------

Co-authored-by: nicolas.dorier <nicolas.dorier@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
need-info Requires more information
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Unset X-Frame-Options header correctly dennisreimann/btcpayserver
4 participants
@dennisreimann @NicolasDorier @lopezdp @pavlenex