3DS “This content is blocked. Contact the site owner to fix the issue.”
General information
- SDK/Library version: 1.30.1
- Environment: Production
- Browser and OS: Chrome Version:91.0.4472 Windows 10
Issue description
We have had a number of reports from a small subset of users that during the 3DS flow the end result is a “This content is blocked. Contact the site owner to fix the issue.” message.
I first suspected something on our end but seeing the screenshots (posted below) shows that the issue occurs within the 3DS modal which the DropIn pops up, and hence is nothing under our control.
The error object returned to the requestPaymentMethod() contains only the following generic-sounding messages:
{
'braintreeWebError.code': 'THREEDS_CARDINAL_SDK_ERROR',
'braintreeWebError.details.originalError.code': 10004,
'braintreeWebError.details.originalError.description': 'A general error has occurred.',
'braintreeWebError.message': 'A general error has occurred with Cardinal. See description for more information.',
'braintreeWebError.name': 'BraintreeError',
'braintreeWebError.type': 'UNKNOWN',
'message': 'Something went wrong during 3D Secure authentication. Please try again.',
}
Also (but possibly a red herring), during failed 3DS flows I note there are often lots of variations of the following messages logged to the console by PostMessageHandler, which seems to be something coming from the songbird.js file.
{
arguments: [
Base.Events.PostMessageHandler: Unable to parse reponse [[object Object]] SyntaxError: Unexpected token o in JSON at position 1
],
logger: console
}
{
arguments: [
Base.Events.PostMessageHandler: Unable to parse reponse [JTdCJTIydGFyZ2V0SWQlMjIlM0ElMjJNZXNzYWdlLlRvcEZyYW1lJTIyJTJDJTIybWVzc2FnZUlkJTIyJTNBJTIyRnJhbWVSZWFkeSUyMiUyQyUyMnNlbmRlcklkJTIyJTNBJTIyTWVzc2FnZS5GcmFtZS5kZmViNjZjOTFlYmUlMjIlN0Q=] SyntaxError: Unexpected token J in JSON at position 0
],
logger: console
}
We have not been able to reproduce the issue on sandbox or production ourselves.
Issue Analytics
- Created 2 years ago
- Comments:8 (4 by maintainers)
Top GitHub Comments
Thanks for the info. I’ll pass this report on to our 3D Secure team and try to get an answer.
This started cropping up for us recently. Apparently 3DS2 iframes can be loaded from banks’ own domains so the CSP needs changed to a wildcard domain.
The docs weren’t updated until Jan 2022 so if you implemented 3DS2 earlier your CSP might be wrong: https://github.com/braintree/braintree-web-drop-in/pull/782/files
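The CSP mismatch described in the last comment can be checked offline before users hit it. The following is an added example, not code from the issue or from Braintree: a simplified frame-src matcher (ports and paths are ignored) run against constructed policies. The function names, the policies and the `.example` domains are assumptions made for illustration.

```javascript
// Added example: simplified CSP check for framed content (ignores ports and paths).
function effectiveFrameSources(policy) {
  const directives = new Map();
  for (const part of policy.split(';')) {
    const [name, ...sources] = part.trim().split(/\s+/);
    // The first occurrence of a directive wins; later duplicates are ignored.
    if (name && !directives.has(name.toLowerCase())) {
      directives.set(name.toLowerCase(), sources);
    }
  }
  // Fallback chain for iframes: frame-src, then child-src, then default-src.
  for (const name of ['frame-src', 'child-src', 'default-src']) {
    if (directives.has(name)) return directives.get(name);
  }
  return null; // no governing directive: framing is unrestricted
}

function sourceMatches(source, url, pageOrigin) {
  const s = source.toLowerCase();
  if (s === "'none'") return false;
  if (s === "'self'") return url.origin === pageOrigin;
  if (s === '*') return ['http:', 'https:'].includes(url.protocol);
  if (/^[a-z][a-z0-9+.-]*:$/.test(s)) return url.protocol === s; // scheme-source, e.g. https:
  const m = /^(?:([a-z][a-z0-9+.-]*):\/\/)?([^/:]+)/.exec(s);
  if (!m) return false;
  const [, scheme, host] = m;
  if (scheme && url.protocol !== scheme + ':') return false;
  // "*.host" covers subdomains only, never the bare host itself.
  if (host.startsWith('*.')) return url.hostname.endsWith(host.slice(1));
  return url.hostname === host;
}

function frameAllowed(policy, frameUrl, pageOrigin) {
  const sources = effectiveFrameSources(policy);
  if (sources === null) return true;
  const url = new URL(frameUrl);
  return sources.some((src) => sourceMatches(src, url, pageOrigin));
}

// Constructed sample data: a policy pinned to one provider vs. a wildcard policy.
const PAGE_ORIGIN = 'https://shop.example';
const PINNED = "default-src 'self'; frame-src 'self' *.threeds-provider.example";
const WILDCARD = "default-src 'self'; frame-src *";
const BANK_FRAME = 'https://acs.bank.example/challenge'; // issuer-hosted 3DS2 frame
console.log('pinned allows bank frame:', frameAllowed(PINNED, BANK_FRAME, PAGE_ORIGIN));
console.log('wildcard allows bank frame:', frameAllowed(WILDCARD, BANK_FRAME, PAGE_ORIGIN));
```

Running the same check over `Content-Security-Policy` headers captured from production shows whether a frame served from a bank's own domain would be blocked, which matches the symptom of only a small subset of users being affected.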