-
Notifications
You must be signed in to change notification settings - Fork 23
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
All inputs created with type="tel" #9
Comments
@aloneartist We are working on an update to address this. A short-term solution is below:
// new variable
var cardHolderNameIframe;
cardForm.ready(function(fields) {
// this is a new line to get a reference to the card-holder-name iframe once the form is ready
cardHolderNameIframe = fields['card-holder-name'];
});
// this is new code to capture changes to your new card holder name input
document.getElementById("cardholder-name-source").addEventListener("input", (e) => {
if (!cardHolderNameIframe) {
return;
}
// pipe the new value to the card-holder-name iframe
cardHolderNameIframe.setValue(e.currentTarget.value);
}); These changes should get you going and not introduce any additional PCI-DSS scope to your integration. Please let us know if there are any questions/concerns. |
How far can this go without introducing PCI-DSS issues? Is it just a question of ensuring that my server never receives the credit card information? I would very much like to make Chrome able to autofill the credit card data, but this styling can't be done with the iframe elements on their own. |
@aloneartist Small update. We have the necessary changes in place to correct the input type for the card holder name. We're currently under an organization-wide code freeze, but once that's lifted, we are looking to get this change pushed out to production. We'll circle back around once it's available. @JamesB7 While technically possible to expand the above solution for the card holder name to the card data fields (card number, expiration date, security code, and submit button), this will alter your PCI-DSS scope and compliance requirements since the card holder is no longer entering their card data into a Heartland / Global Payments controlled environment. As noted in #5, our next production deployment will allow for both PaymentRequest and credit card auto-fill from the browsers that support those. |
Excellent. Around when is this expected to happen? Thanks! |
Apologies for the delay. We had some unforeseen restrictions put in place internally that added time to our deployment. This has been pushed out to our production environment. The latest version is now 1.3.0 available at:
|
All iframe input fields are created with
type="tel"
, see:globalpayments-js/src/ui/iframe-field/index.ts
Line 53 in b19eeb5
This causes issue for alphanumeric fields(like
card holder name
) on modern mobile devices.User is not able to fill such fields properly, as on mobile devices such field will switch keyboard layout to "phone", allowing only numeric values to be typed in.
The text was updated successfully, but these errors were encountered: