2

我使用 Paymill API 使用 3D 安全付款:

paymill.createToken(params, paymillResponseHandler, tdsInit, tdsCleanup);

文档中的这一部分完全不起作用:

var tdsInit = function(iframeUrl, cancelFn) {
  var body   = document.body || document.getElementsByTagName('body')[0];
  var iframe = document.createElement('iframe');

  iframe.id               = 'tdsIframe';
  iframe.src              = iframeUrl;
  iframe.width            = 600;
  iframe.height           = 500;
  iframe.style.zIndex     = 0xffffffff;
  iframe.style.background = '#fff';
  iframe.style.position   = 'absolute';

  body.insertBefore(iframe, body.firstChild);
};

所以我这样做:

function tdsInit(iframeUrl, cancelFn) {
    var body   = document.body;
    var div3D  = document.createElement("div");
    div3D.id = "div3Dsecure";
    body.insertBefore(div3D, body.firstChild);
    var pareq = decodeURIComponent(iframeUrl.params.PaReq.replace(/\+/g,  " "));
    var termurl = decodeURIComponent(iframeUrl.params.TermUrl.replace(/\+/g,  " "));
    div3D.innerHTML='.$dot.'<form id="3Dsecureform" action="'.$dot.'+iframeUrl.url+'.$dot.'" method="POST"><textarea name="PaReq" style="display:none">'.$dot.'+pareq+'.$dot.'</textarea><input type="hidden" name="TermUrl" value='.$dot.'+termurl+'.$dot.'><input type="hidden" name="MD" value='.$dot.'+iframeUrl.params.MD+'.$dot.'></form>'.$dot.';
    var iframe = document.createElement("iframe");
    iframe.id               = "tdsIframe";
    iframe.src              = "";
    iframe.width            = 600;
    iframe.height           = 500;
    iframe.style.zIndex     = 0xffffffff;
    iframe.style.background = "#fff";
    iframe.style.position   = "absolute";
    iframe.scrolling        = "no";
    body.insertBefore(iframe, body.firstChild);
    document.forms[0].target = "tdsIframe";
    document.forms[0].submit();
};

付款正常,但是当客户使用 Sberbank 的卡付款时,我们遇到了问题:iframe 而不是显示来自 ACS 的 3D 安全页面,只对成功验证此付款做出响应。

<html>
<head>
<META http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Return to Merchant's site</title>
<SCRIPT>
            function onLoadHandler() {
                document["PAResForm"].submit();
            }
        </SCRIPT>
</head>
<body onLoad="onLoadHandler();">
<BR>
<BR>Processing...
        <FORM NAME="PAResForm" METHOD="post" ACTION="https://ctpe.net/payment/threedsecure?ndcid=8BE948ADB647AF64A9C2640B81DC4B82.lon-vm-fe05&jsessionid=.lon-vm-ps02">
<INPUT NAME="PaRes" TYPE="hidden" VALUE="eJxVkLFuAjEMhl/Fyt7kOAnRwRcGKBtT6YyinI+LlMSVExCP30OEVpW82L/9/bZxe08RbiQlcB7USncKKHseQ74M6ut0eHtXW4unWYj2n+SvQhaPVIq7EIRxUPcprc+bc69XXdd3G2XxQ4TFYmPaBal7NK8U6SHveCS7RvOXPOuNbA8syVXgCTgTsEBiIaBIiXItEJbINxfDCM57lse2UBnqTFC+yYcpeFcXO90sXtyny56qC9EeSfzsctVXia2vKWjaEeZ30Px7wQ9uC2z4"><INPUT NAME="MD" TYPE="hidden" VALUE="8a8394823cd8c78d013cf365e77a3ac5">
</FORM>
</body>
</html>

首先,我认为 Sberbank 存在一些错误,但客户使用另一个 PSP 进行了另一笔付款,并拥有来自 Sberbank 的 3D 安全窗口:

<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<SCRIPT LANGUAGE="JavaScript" SRC="/sberbank/common/global.js"></SCRIPT>
<LINK href="/sberbank/common/va_style.css" rel=STYLESHEET type="text/css">
<title>Verified by VISA - Пароль безопасности</title>
<SCRIPT type="text/javascript">
strBeforeUnload = "Ваша транзакция не завершена!\
Для продолжения, нажмите кнопку 'Отмена' и введите пароль на странице проверки безопасности.";
<!-- page for OTP_SMS -->
var PAMs = new Array();
PAMs[0] = new Array("0","None");

我不明白我在哪里做错了。也许有人可以帮助我?

4

1 回答 1

5

抱歉,文档中似乎有一个过时的代码示例。请查看以下 tdsInit() 回调示例(这是 Bridge.js 默认实现的简化版本,以说明该过程):

var tdsInit = function tdsInit(redirect, cancelCallback) {
    var url = redirect.url, params = redirect.params;
    var body = document.body || document.getElementsByTagName('body')[0];

    var iframe = document.createElement('iframe');
    body.insertBefore(iframe, body.firstChild);

    var iframeDoc = iframe.contentWindow || iframe.contentDocument;
    if (iframeDoc.document) iframeDoc = iframeDoc.document;

    var form = iframeDoc.createElement('form');
    form.method = 'post';
    form.action = url;

    for (var k in params) {
        var input = iframeDoc.createElement('input');
        input.type = 'hidden';
        input.name = k;
        input.value = decodeURIComponent(params[k]);
        form.appendChild(input);
    }

    if (iframeDoc.body) iframeDoc.body.appendChild(form);
    else iframeDoc.appendChild(form);

    form.submit();
};

但是请注意,tdsInit 和 tdsEnd 都是可选参数。如果你想自定义 iframe 的外观和感觉,你只需要这些。

于 2013-05-21T11:29:12.663 回答