checkout form and payment option is not loading checkout page in iframe

  • Resolved niteshpandit

    (@niteshpandit)


    1 year ago

    Hello,

    I have one Woocommerc website https://wordpress-922863-4276849.cloudwaysapps.com/ this is site URL.

    now I want to open this site in an iframe on another site at https://lujayninfoways.a2hosted.com/blinkifram/. I have added an iframe code to this site.

    so the site is working but we are not able to fetch checkout page details due to some error in some plugin privacy.

    so is there any way to open a woo-commerce site in an iframe without any conflict or any plugin restriction?

    we are found this on google 

    If you are trying to load the cart/checkout page of your website (Ex: abc.com) on another website (Ex: xyz.com), the website abc.com will block requests from xyz.com due to the CORS policy.
    WooCommerce protects the checkout page from being included in an iframe by other websites/domains. (by setting X-Frame-Options directive to SAMEORIGIN)
    I wouldn’t recommend loading the checkout page this way, because even if you achieve it by modifying the CORS headers, the payment gateway might fail.

    so how can we solve this error?

    The page I need help with: [log in to see the link]

Viewing 1 replies (of 1 total)
  • Plugin Support Shameem R. a11n

    (@shameemreza)

    Hi @niteshpandit,

    You’re on the right track with your research and understanding of the issue. The Cross-Origin Resource Sharing (CORS) policy and the X-Frame-Options directive are indeed designed to protect your WooCommerce checkout page from being embedded in an iframe on another domain. This security feature helps prevent clickjacking attacks and unauthorized data access.

    While it’s technically possible to modify the CORS headers to allow your checkout page to be loaded in an iframe on another domain, as you mentioned, this could potentially cause issues with your payment gateway and expose your site to other security risks.

    Instead of bypassing these security features, I recommend considering alternatives that meet your needs without compromising security.

    For example, you could use the WooCommerce REST API to create a custom checkout process on your other website. This would allow you to control the checkout process while keeping it within the same domain.

    I hope this clarifies your concern. If you have any other questions, feel free to ask.

Viewing 1 replies (of 1 total)
  • The topic ‘checkout form and payment option is not loading checkout page in iframe’ is closed to new replies.