We have an e-commerce website from where we redirect to a payment gateway portal, Once the transaction is done the payment gateway portal redirect back to our e-commerce website with response form data, after hitting our response page we’re getting 404 error with content security policy is blocking the redirection, please find the screenshot that i have attached.
Our Website is developed using angular 11, as well as we’re using ssr for seo optimization.
2
Answers
this is a common problem with CSP that is supposed to be fixed on the backend, I don’t know which framework you are using, if it is Spring Boot with Java, then I will be something like this:
Content Security Policies don’t have the ability to block redirects that originate from the payment gateway.
The problem you’re seeing is that your application isn’t handling
POST
requests to http://beta.samidirect.com/home. Your application is instead providing a 404 error and is replying with a default 404 page that includes inline styles that are blocked by the CSR. Presumably, your Angular application doesn’t utilize inline styles, which is why you wouldn’t see this error on pages handled with Angular. You need to solve the 404 problem instead of the CSR problem.You will need to implement a server application that can handle the
POST
request, verify the transaction was legitimate, verify that the transaction was processed with the correct amounts and then redirect toGET
http://beta.samidirect.com/home. This problem cannot be solved with entirely with Angular 11, you must create a backend component.