|Home » Technical Support » Elevate Web Builder Technical Support » Support Forums » Elevate Web Builder General » View Thread|
|Messages 1 to 10 of 13 total|
|Tue, Mar 18 2014 12:22 PM||Permanent Link|
Hmm, I appear to be down a rabbit hole...
I have a form for a web shop, and I would like to do the "3D-Secure" conformation
in a TPage so that the user doesn't have to go anywhere. It seemed all quite
sensible, until I realised that I have to POST the data to the web page, and the
TPage.URL only sets the href and thus does a GET.
Anyone know how to hack this to allow me to POST?
|Wed, Mar 19 2014 11:46 AM||Permanent Link|
Tim Young [Elevate Software]
Elevate Software, Inc.
<< I have a form for a web shop, and I would like to do the "3D-Secure"
conformation in a TPage so that the user doesn't have to go anywhere. It
seemed all quite sensible, until I realised that I have to POST the data to
the web page, and the TPage.URL only sets the href and thus does a GET.
Anyone know how to hack this to allow me to POST? >>
AFAIK, the only way to do a POST in a TPage (iframe) is if the user
|Wed, Mar 19 2014 12:23 PM||Permanent Link|
> AFAIK, the only way to do a POST in a TPage (iframe) is if the user
> initiates it.
Hmm, that's interesting. I've got myself to the point where I need to solve this,
but it must be doable somehow because the normal "Verified by Visa" type stuff
works in everyone else's shopping carts without me doing anything. It may be that
the server with a custom page or something. I will study how the VbV is normally
done, then come back with info and experimentations.
|Wed, Mar 19 2014 1:31 PM||Permanent Link|
This suggests that I need to POST using a FORM. I can set the target to the output
frame. Not yet sure how to post yet, but it seems that TPanels are <form>s so that
is promising. Okay, reading the EWB source code (so good to have that - worth lots)
I can see that a TPanel is an excellent target for hacking.
Okay, so far I can get it to POST the form, but not the inputs.
procedure TCustomPanel.FormHackPost(szURL : String; xParams : TStringList; szTarget
: String); // MJ
xInput : THTMLInputElement;
nLoop : Integer;
FForm.target := szTarget;
FForm.action := szURL;
for nLoop := 0 to xParams.Count - 1 do
xInput := THTMLInputElement(CreateHTMLElement('input'));
xInput.type := 'text';
xInput.name := xParams.Names[nLoop];
xInput.value := xParams.ValueFromIndex[nLoop];
This is sort of working, in that the DOM now looks like: (with the styles cut for
<form class="pnl_back" enctype="multipart/form-data" method="post"
target="frmShop_page3DSecure" id="pnlHack" action="https://example.com" >
<input type="text" name="PaReq">
<input type="text" name="MD">
<input type="text" name="TermUrl">
The interesting thing is that the inputs are not "closed" in the HTML, and they
have no values. The StackOverflow example I found has:
<input type="text" name="someText" value="Some Text" />
which implies I've not got that part of the code right. But it is POSTing to the
proper destination, and appearing in the TPage iframe, so that is good. The page
now shows a server generated error saying it can't find the PaReq value, which is
More as and when I can get to it, which maybe tomorrow.
|Wed, Mar 19 2014 1:48 PM||Permanent Link|
Update: The values are visible on the TPanel, and I think are basically okay.
Chrome's network debug panel shows the data is sent just fine. I think I'm just
sending it wrong.
And indeed I am!
The data for 3DSecure needs to be sent as params in the URL, not as <input> data.
pnlHack.FormHackPost(sz3DURL + '?' + szEncodedData, xParams,
works fine. I've obviously done a load more work for the inputs than I needed to,
but it is left for others to play with.
It would be nice to have an official mechanism for this to be done. Ideally passing
in a TPage to have as the destination. Happy to wait for v2 to be out before that's
looked at though. This is a key requirement for the 3D secure web payment stuff, so
needs to be possible, preferably without my hacking it.
|Wed, Mar 19 2014 1:57 PM||Permanent Link|
Oh so triumphant! Unfortunately, when I click on the Submit button, it isn't
submitting now I've set it to the right destination. Hmm, seems like that is an
http in an https page problem, as if I set it to an https then it works. Not an
issue - that lets me move onto my next step!
What I like about this is that I will be able to post details of the application at
some point. I'll have to work out how to give a proper demo account as I am not
allowed to give the test card details out.
|Thu, Mar 20 2014 4:46 AM||Permanent Link|
I should point out, for anyone who follows the path of my Hack function, that the
inputs are not removed, and thus the next call adds another set with the same names.
That probably isn't what you want! Fix is left as an exercise for the reader. 8-)
|Tue, Mar 25 2014 11:38 AM||Permanent Link|
Tim Young [Elevate Software]
Elevate Software, Inc.
<< First investigations:
That's not what you asked, or at least not what I thought you were asking.
You asked how to execute a POST *in* an iframe, not how to redirect the
output from a POST *to* an iframe. The form submittal example that comes
with EWB shows you how to redirect a POST to a TPage: you set the
FormOutputPage property of the panel/form executing the Submit.
|Tue, Mar 25 2014 12:41 PM||Permanent Link|
> That's not what you asked, or at least not what I thought you were
You say potato... 8-)
I'll look up the proper option now. I think the confusion is my lack of knowledge
of how these things /can/ work and therefore what terms to ask for.
|Tue, Mar 25 2014 1:00 PM||Permanent Link|
pnlHack.FormURL := sz3DURL + '?' + szEncodedData;
Indeed, this all works nicely. People can happily ignore my hack, it is already
|Page 1 of 2||Next Page »|
|Jump to Page: 1 2|