redirect_to 外部 Stripe 结帐 URL 在 Rails 7 中不起作用
redirect_to external Stripe checkout URL not working in Rails 7
对于 Stripe 的新结帐,需要在创建会话后重定向到外部 URL。
def create_checkout_session
Stripe.api_key = "sk_test_"
session = Stripe::Checkout::Session.create({
line_items: [{
price_data: {
currency: 'usd',
product_data: {
name: 'KYC services',
},
unit_amount: 1000,
},
quantity: 1,
}],
mode: 'payment',
# These placeholder URLs will be replaced in a following step.
success_url: 'https://example.com/success',
cancel_url: 'https://example.com/cancel'
})
redirect_to session.url, status: 303, allow_other_host: true
我的redirect_to没有带我去任何地方,终端也没有报错。如果我不包括 allow_other_host: true 我会收到一条错误消息 Unsafe redirect to "https://checkout.stripe.com.
如何在 Rails 7 中对外部 URL 实施 redirect_to?为了这个演示应用程序,我不介意漏洞。
我在 Rails 7 + Stripe Checkout 中遇到了同样的问题,我相信 Turbolinks 正在拦截并导致重定向在某处爆炸。
我现在找到了一个解决方法——将 data: { turbo: false } 添加到相应视图的 link 或按钮助手为我修复了它。
我也遇到了这个错误。 Strip Checkout 重定向在 Rails 6 下运行良好,但当我更新到 Rails 7 时,重定向被阻止。这是我在控制台中看到的错误:
new:1 Access to fetch at '<VALID & FUNCTIONING STRIPE URL HERE>' (redirected from 'http://localhost:3000/sessions/1/charges') from origin 'http://localhost:3000' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
控制器代码如下:
def create
@charge = Charge.new(charge_params)
@charge.seller = @session.user
@charge.purchaser = current_user if current_user
@charge.session = @session
if @charge.save
the_root_url = URI.join(root_url).to_s.chomp('/')
success_url = the_root_url + session_charge_success_path(@session, @charge)
cancel_url = the_root_url + session_path(@session)
@charge.update "success_url": success_url
@charge.update "cancel_url": cancel_url
stripe_session = Stripe::Checkout::Session.create({
line_items: [{
price_data: {
currency: 'usd',
product_data: {
name: "Download the high resolution photo",
},
unit_amount: @session.default_price_cents,
},
quantity: 1,
}],
mode: 'payment',
success_url: @charge.success_url,
cancel_url: @charge.cancel_url,
})
redirect_to stripe_session.url, status: 303, allow_other_host: true
else
redirect_to @session, notice: "Sorry, something went wrong."
end
结束
本地发生的情况与生产中发生的情况相同。
解决方案! (上面有介绍,一时想不起来)
我改变了这个:
<%= form.submit "Buy", class: "btn btn-primary btn-block col-12 my-1" %>
对此:
<%= form.submit "Buy", data: { turbo: false }, class: "btn btn-primary btn-block col-12 my-1" %>
对于 Stripe 的新结帐,需要在创建会话后重定向到外部 URL。
def create_checkout_session
Stripe.api_key = "sk_test_"
session = Stripe::Checkout::Session.create({
line_items: [{
price_data: {
currency: 'usd',
product_data: {
name: 'KYC services',
},
unit_amount: 1000,
},
quantity: 1,
}],
mode: 'payment',
# These placeholder URLs will be replaced in a following step.
success_url: 'https://example.com/success',
cancel_url: 'https://example.com/cancel'
})
redirect_to session.url, status: 303, allow_other_host: true
我的redirect_to没有带我去任何地方,终端也没有报错。如果我不包括 allow_other_host: true 我会收到一条错误消息 Unsafe redirect to "https://checkout.stripe.com.
如何在 Rails 7 中对外部 URL 实施 redirect_to?为了这个演示应用程序,我不介意漏洞。
我在 Rails 7 + Stripe Checkout 中遇到了同样的问题,我相信 Turbolinks 正在拦截并导致重定向在某处爆炸。
我现在找到了一个解决方法——将 data: { turbo: false } 添加到相应视图的 link 或按钮助手为我修复了它。
我也遇到了这个错误。 Strip Checkout 重定向在 Rails 6 下运行良好,但当我更新到 Rails 7 时,重定向被阻止。这是我在控制台中看到的错误:
new:1 Access to fetch at '<VALID & FUNCTIONING STRIPE URL HERE>' (redirected from 'http://localhost:3000/sessions/1/charges') from origin 'http://localhost:3000' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
控制器代码如下:
def create
@charge = Charge.new(charge_params)
@charge.seller = @session.user
@charge.purchaser = current_user if current_user
@charge.session = @session
if @charge.save
the_root_url = URI.join(root_url).to_s.chomp('/')
success_url = the_root_url + session_charge_success_path(@session, @charge)
cancel_url = the_root_url + session_path(@session)
@charge.update "success_url": success_url
@charge.update "cancel_url": cancel_url
stripe_session = Stripe::Checkout::Session.create({
line_items: [{
price_data: {
currency: 'usd',
product_data: {
name: "Download the high resolution photo",
},
unit_amount: @session.default_price_cents,
},
quantity: 1,
}],
mode: 'payment',
success_url: @charge.success_url,
cancel_url: @charge.cancel_url,
})
redirect_to stripe_session.url, status: 303, allow_other_host: true
else
redirect_to @session, notice: "Sorry, something went wrong."
end
结束
本地发生的情况与生产中发生的情况相同。
解决方案! (上面有介绍,一时想不起来)
我改变了这个:
<%= form.submit "Buy", class: "btn btn-primary btn-block col-12 my-1" %>
对此:
<%= form.submit "Buy", data: { turbo: false }, class: "btn btn-primary btn-block col-12 my-1" %>