question

siddharth avatar image
siddharth asked enochflyn answered

CORS issue for Clover iframe integration

I am getting the following error:

Access to fetch at 'https://token-sandbox.dev.clover.com/v1/tokens' from origin 'https://checkout.sandbox.dev.clover.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
I have instantiated Clover with the public key of the e-commerce API token.
I am using a test merchant.
The first time I tried using the createToken() I got back a token.
But after that even having the same code gives the above-stated error.
I have checked that my code is same as the codepen by Gareth DSouza and I still get the error.

I have also noticed similar issue happening in 2024 for manyothers as well.
I am on a tight deadline, so I would really appreciate a quick response

API Token
10 |2000

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

siddharth avatar image
siddharth answered

Found this codepen and it is facing the same issue as well.
https://codepen.io/gareth-dsouza/pen/RwPjBXJ?editors=1010

10 |2000

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

mina12 avatar image
mina12 answered

Your writings stick out to me since the content is interesting and simple to understand. Even though I've read a lot of websites, I still like yours more. Your essay was interesting to read. I can understand the essay better now that I've read it carefully. In the future, I'd like to read more of your writing free game candy clicker 2 2024

10 |2000

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

ateesdalejr avatar image
ateesdalejr answered

@Siddharth they broke this in sandbox for users of Firefox, which has a stricter cross-origin policy than most other browsers because they applied a patch, but forgot to add it to the CSP tag. My recommendation is to switch to another browser, but this still may be broken for your users in production.

10 |2000

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

larissaemberds avatar image
larissaemberds answered

Thanks for recommendation!

10 |2000

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

enochflyn avatar image
enochflyn answered

@papa's scooperia If you are testing locally (e.g., using localhost), CORS issues can arise. Ensure that you are testing from a domain that is recognized by the Clover API.

10 |2000

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Welcome to the
Clover Developer Community