Hosted Tokenization - iPhone Chrome mobile iframe post issue

Hello, I found an issue on the iphone with the google chrome mobile browser, where you can simply click on the iframe and it will make a post to moneris. I'm using the hosted tokenization solution and i have the credit card, expiry date and cvd controls on my web page. Just by tapping the iframe section, it will post to moneris and return the following.

Response code: 942
Error Message: Invalid credentials.

Of course it's not calling my button click event to post the message. It post to moneris on it's own.

This is occurring on all of our web pages where the hosted tokenization iframe is present.

My guess is that it's a bug in the chrome browser but I would appreciate if Moneris could confirm the bug and if there's a workaround for it.

Thanks, Patrick

JesseV
- 0
- 30 Apr 2019 5:17 PM
We are also seeing this behaviour on our checkout page. As a workaround, we're just ignoring all response messages from Moneris until the button to post has been clicked.
RR_Moneris
- 1
- 1 May 2019 10:48 AM
In reply to JesseV:
Hi,

Yeah since a certain version of Chrome on mobile this has been an issue. We do have a work around for it. When loading our form (within the iframe), provide the extra parameter pmmsg=true. For example:

<iframe id=monerisFrame src="esqa.moneris.com/.../index.php frameborder='0' width="200px" height="30px"></iframe>

When posting the message post 'tokenize'. For example:
monFrameRef.postMessage('tokenize','esqa.moneris.com/.../index.php');

This way we only submit the form with the message tokenize.
- Cancel
JesseV
- 0
- 1 May 2019 11:56 AM
In reply to RR_Moneris:
Thank you. This workaround did the trick!