Javascript – window.opener is null – used to work until now

Summary: Somehow, window.opener of an opened tab stopped being populated, while not long ago (couple of months), it still worked.

I have a flow in my app in which the user is redirected to a Stripe payment screen in a new tab. Lets say my shop is hosted on https://shop.com

Because the checkout url is only generated after the user presses the "buy" button, I first open a new tab with const ref = window.open(). After that, I call ref.document?.write("Please wait...") to make sure the user sees something in the new tab.

When the promise resolves with the checkout url, I call ref.location = checkoutUrl, which redirects the tab to the Stripe checkout url on https://stripe.com.

When the checkout is done, Stripe redirects the page to another page inside my domain, namely https://shop.com/redirect. This redirect determines based on query params whether the payment succeeded or failed.

What I’ve been doing for ages, is call window?.opener?.postMessage('payment-success', '*'); on the opened tab to notify the original tab that the payment succeeded. After that, I call window.close() on the opened tab, to redirect the user back to the original page.

Now, quite recently, the window?.opener?.postMessage(...) call doesn’t work anymore, because window?.opener is null. This has been working for ages, but now, it’s not anymore. I looked up the last time I deployed my app, which was 177 days ago, and back then, it still worked.

Did something change regarding security policies? Both Chrome and Safari refuse to populate window?.opener. Does anybody have an idea what changed, and what I can do to fix this?