Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

iOS XMLHttpRequest cannot load XXX due to access control checks.

See original GitHub issue

General information

  • SDK/Library version: 1.22.1
  • Environment: Sandbox
  • Browser and OS: Safari 13 on iOS 13.1.1

Issue description

When attempting to submit card details using the drop-in UI via Safari 13 on iOS 13.1.1 the UI refreshes and the user can’t proceed forward.

See my code below which was adapted from this official guide https://developers.braintreepayments.com/guides/drop-in/setup-and-integration/javascript/v3:

<form action="{{controllerURL}}" method="post" name="payment_method_form" id="payment_method_form">
    <div id="dropin-container"></div>
    <button id="submit-button">Pay Now</button>
    <script src="https://js.braintreegateway.com/web/dropin/1.22.1/js/dropin.min.js"></script>
    <script>
    var button = document.querySelector('#submit-button');

    braintree.dropin.create({
        authorization: {{clientToken}},
        container: '#dropin-container'
    }, function (createErr, instance) {
        button.addEventListener('click', function () {
            instance.requestPaymentMethod(function (err, payload) {
                if (!err) {
                    document.getElementById('nonce').value = payload.nonce;
                    document.payment_method_form.submit();
                }
            });
        });
    });
    </script>
</form>

This code works absolutely fine on desktop (macOS/windows) and Android (Chrome).

It fails on iOS 13.1.1 using Safari 13 outputting the following errors in the console:

[Error] XMLHttpRequest cannot load https://origin-analytics-sand.sandbox.braintree-api.com/{{marchantID}} due to access control checks. x (hosted-fields-frame.min.html:1:49617) (anonymous function) (hosted-fields-frame.min.html:1:49181)
[Error] XMLHttpRequest cannot load https://api.sandbox.braintreegateway.com/merchants/{{marchantID}}/client_api/v1/payment_methods/credit_cards due to access control checks. x (hosted-fields-frame.min.html:1:49617) (anonymous function) (hosted-fields-frame.min.html:1:48869)
[Error] XMLHttpRequest cannot load https://origin-analytics-sand.sandbox.braintree-api.com/{{marchantID}} due to access control checks. I (dropin.min.js:1:26547) request (dropin.min.js:1:26601) (anonymous function) (dropin.min.js:1:39242) sendEvent (dropin.min.js:1:235035) (anonymous function) (dropin.min.js:1:330055) (anonymous function) promiseReactionJob
[Error] XMLHttpRequest cannot load https://origin-analytics-sand.sandbox.braintree-api.com/{{marchantID}} due to access control checks. I (dropin.min.js:1:26547) (anonymous function) (dropin.min.js:1:26111)

Issue Analytics

  • State:closed
  • Created 3 years ago
  • Comments:7 (4 by maintainers)

github_iconTop GitHub Comments

3reactions
crookedneighborcommented, May 1, 2020

One thing I see is that you’re not preventing the form from submitting (buttons are submit type by default). So it’s possible that it’s submitting the form before the nonce is available.

Probably want to, at minimum add:

button.addEventListener('click', function (e) {
  e.preventDefault();

Going to close this for now, because as you said, updating the os fixes the issue. If we get more people reporting it, we can look into it further.

0reactions
crookedneighborcommented, Jul 27, 2022

Closing due to inactivity.

Read more comments on GitHub >

github_iconTop Results From Across the Web

XMLHttpRequest with query parameters cannot load due to ...
tried, no change: Response to preflight request doesn't pass access control check: The 'Access-Control-Allow-Origin' header has a value 'test.
Read more >
XMLHTTPRequest cannot load URL_HERE due to access ...
If you look in console it gives a non descript error: XMLHTTPRequest cannot load URL_HERE due to access control checks. Screenshot: stor.fit ...
Read more >
XMLHttpRequest cannot load XXX - Error Troubleshooting
XMLHttpRequest cannot load xxxxx. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://xxxxxxx' is therefore ...
Read more >
XMLHttpRequest cannot load XXX No 'Access-Control-Allow ...
For any given URL it is possible that the SOP is not needed. A couple of common scenarios where this is the case...
Read more >
Fetch Api Cannot Load Due To Access Control Checks
iOS : ios Safari XMLHttpRequest cannot load due to access control checks ... you agree to our use of cookies as described in...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

`options.preselectVaultedPaymentMethod` does not preselect the active vaulted payment method

Next page

HOSTED_FIELDS_TIMEOUT; braintree inside iframe and shadow DOM