STRIPE Compatibility with Really Simple SSL Hardening [RESOLVED]

frank6tg · November 17, 2022, 2:14pm

Really SImple SSL Pro has added a lot of features and I’m wondering about Cross-Origin-Opener-Policy (COOP) and Cross Origin Embedder Policy (COEP) settings affecting STRIPE (See Configuring the Cross-Origin Policies - Really Simple SSL) AND The Content Security Policy “Frame Ancestors” Configuring the Content Security Policy - Really Simple SSL

NOTE: I had a problem with the Mailchimp Addon which made me wonder about STRIPE after a client reported that STRIPE was taking a very long time to process. I was able to solve the Mailchimp issue by setting the Cross Origin Embedder Policy setting to SELF.

sacom · November 18, 2022, 4:58pm

If you configure a restrictive CSP for your site, you will want to whitelist any resources loaded from stripe.com subdomains, they use several different subdomains, so you will want to check your page with the browser inspector Network tab opened to find out which subdomains you need to whitelist.

frank6tg · November 18, 2022, 5:19pm

Thank you.

Topic		Replies	Views
Stripe Checkout & Elements [RESOLVED] Feature Requests feature-request , credit-card , stripe	3	3101	February 13, 2019
PCI Compliance? Get Help stripe , pci-compliance	15	1246	January 4, 2022
Issues with entries Get Help stripe , caching , sg-optimizer	2	138	October 10, 2023
Unable to authorise card. No response from Stripe.js Get Help stripe , 3ds , gform_stripe_customer_id	6	2378	June 15, 2022
Stripe Webhook setup Problem Get Help conflict , stripe	2	88	January 20, 2024

STRIPE Compatibility with Really Simple SSL Hardening [RESOLVED]

Related Topics