3.1 Card Connect Iframe displays a sad/frowny face in the input field for the credit card number.
Default Subject
Problem
I'm using the CardConnect iFrame for my WebTrac transactions and there is a sad/frowny face in the input field where the credit card number should be entered.
Solution
Update your WebTrac web server's Content-Security-Policy HTTP Response Headers so that it includes "https://*.cardconnect.com."
Steps For Solution
- Log onto your WebTrac web server.
- Open IIS by clicking the Windows Start button l Administrative Tools l Internet Information Services (IIS) Manager.
- In the Connections area, expand server name, and then expand Sites.
- Click on the WebTrac website, which by default is VSI3_WEBTRAC, though your setup may vary.
- In the VSI3_WebTrac Home area, double-click HTTP Response Headers within the IIS grouping
- Select Content-Security-Policy from the list, click Edit...
- Replace the values you see with the information in Value column list below.
- Click OK when done.
Name |
Value |
Content-Security-Policy |
default-src 'self' data: 'unsafe-inline' 'unsafe-eval' https://*.googleapis.com https://*.google.com https://*.gstatic.com https://etsemoney.com https://*.etsemoney.com https://*.emoney.com *.cardconnect.com; img-src * 'self' data: ; |
Notes:
The Content-Security-Policy has a lot of different options, which could cause different content from loading especially if it is from different domains. This could impact those who have content that loads from other domains like images, scripts, styles, fonts, etc. that might stop functioning.