From a4630ca8537a514f261e3efcd79192b1ca28fae8 Mon Sep 17 00:00:00 2001
From: Shane Logsdon <shane@shanelogsdon.com>
Date: Tue, 31 Aug 2021 09:45:40 -0400
Subject: [PATCH 1/4] add a local response viewer

---
 .../process-a-payment-embedded-autoload.html  |  2 +-
 examples/hpp/process-a-payment-embedded.html  |  2 +-
 examples/hpp/process-a-payment-lightbox.html  |  2 +-
 examples/hpp/response.php                     | 44 +++++++++++++++++++
 4 files changed, 47 insertions(+), 3 deletions(-)
 create mode 100644 examples/hpp/response.php

diff --git a/examples/hpp/process-a-payment-embedded-autoload.html b/examples/hpp/process-a-payment-embedded-autoload.html
index d695c7d..5d6965b 100644
--- a/examples/hpp/process-a-payment-embedded-autoload.html
+++ b/examples/hpp/process-a-payment-embedded-autoload.html
@@ -13,7 +13,7 @@
                 RealexHpp.embedded.init(
                     "autoload",
                     "targetIframe",
-                    "https://dev.rlxcarts.com/mobileSDKsV2/response.php",
+                    "/examples/hpp/response.php",
                     jsonFromServerSdk,
                     {
                         onResize:function(data){
diff --git a/examples/hpp/process-a-payment-embedded.html b/examples/hpp/process-a-payment-embedded.html
index a82e96a..0878ccd 100644
--- a/examples/hpp/process-a-payment-embedded.html
+++ b/examples/hpp/process-a-payment-embedded.html
@@ -13,7 +13,7 @@
                 RealexHpp.embedded.init(
                     "payButtonId",
                     "targetIframe",
-                    "https://dev.rlxcarts.com/mobileSDKsV2/response.php",   // merchant url
+                    "/examples/hpp/response.php",   // merchant url
                     jsonFromServerSdk,  // form data
                     {   // options
                         onResize:function(data){
diff --git a/examples/hpp/process-a-payment-lightbox.html b/examples/hpp/process-a-payment-lightbox.html
index 90fe77b..cca827f 100644
--- a/examples/hpp/process-a-payment-lightbox.html
+++ b/examples/hpp/process-a-payment-lightbox.html
@@ -12,7 +12,7 @@
             $.getJSON("/examples/hpp/proxy-request.php?slug=process-a-payment", function (jsonFromServerSdk) {
                 RealexHpp.lightbox.init(
                     "payButtonId",
-                    "https://dev.rlxcarts.com/mobileSDKsV2/response.php", // merchant url
+                    "/examples/hpp/response.php", // merchant url
                     jsonFromServerSdk   //form data
                 );
                 $('body').addClass('loaded');
diff --git a/examples/hpp/response.php b/examples/hpp/response.php
new file mode 100644
index 0000000..ec289ec
--- /dev/null
+++ b/examples/hpp/response.php
@@ -0,0 +1,44 @@
+<?php
+
+$referrer = $_SERVER['HTTP_REFERER'];
+
+if (empty($_POST['hppResponse'])) {
+    header('Location: ' . $referrer);
+    exit();
+}
+
+$hppResponse = $originalHppResponse = $_POST['hppResponse'];
+
+try {
+    if (null === ($hppResponse = json_decode($hppResponse, true))) {
+        throw new Exception();
+    }
+
+    foreach ($hppResponse as $k => $v) {
+        try {
+            $hppResponse[$k] = base64_decode($v);
+        } catch (Exception $e) {
+            /* */
+        }
+    }
+}
+catch (Exception $e) {
+    $hppResponse = $originalHppResponse;
+}
+
+?><!DOCTYPE html>
+<html>
+<head>
+    <title>HPP Demo Response</title>
+    <meta charset="UTF-8">
+</head>
+<body>
+    <h1>HPP Demo Response</h1>
+    <div>
+        <pre><?php print_r($hppResponse); ?></pre>
+    </div>
+    <div>
+        <a href="<?php echo $referrer; ?>">Try Again</a>
+    </div>
+</body>
+</html>

From af81424f48bdaeba1dfa2020f6a7b30dedd6d03b Mon Sep 17 00:00:00 2001
From: Shane Logsdon <shane@shanelogsdon.com>
Date: Tue, 7 Sep 2021 22:55:19 -0400
Subject: [PATCH 2/4] perform basic check that data is from hpp

HPP should only send the parent window string messages, so if a
non-string value is sent (e.g. from a browser extension), we ignore it.
---
 lib/rxp-hpp.js | 25 ++++++++++++++++++++-----
 1 file changed, 20 insertions(+), 5 deletions(-)

diff --git a/lib/rxp-hpp.js b/lib/rxp-hpp.js
index 192ff75..ef3f065 100644
--- a/lib/rxp-hpp.js
+++ b/lib/rxp-hpp.js
@@ -159,6 +159,10 @@ var RealexHpp = (function () {
 
 			var _r;
 
+			if (typeof answer !== "string") {
+				return null;
+			}
+
 			try {
 				_r=JSON.parse(answer);
 			} catch (e) {
@@ -442,9 +446,21 @@ var RealexHpp = (function () {
 			if (!internal.isMessageFromHpp(e.event.origin, hppUrl)) {
 				return;
 			}
+
+			if (!e.event.data) {
+				return;
+			}
+
+			var evtdata = internal.decodeAnswer(e.event.data);
+
+			// we received an invalid message from the HPP iframe (e.g. from a browser plugin)
+			// return early to prevent invalid processing
+			if (evtdata === null) {
+				return;
+			}
+
 			// check for iframe resize values
-			var evtdata;
-			if (e.event.data && (evtdata=internal.decodeAnswer(e.event.data)).iframe) {
+			if (evtdata.iframe) {
 				if (!isMobileNewTab()) {
 					var iframeWidth = evtdata.iframe.width;
 					var iframeHeight = evtdata.iframe.height;
@@ -510,9 +526,8 @@ var RealexHpp = (function () {
 				};
 				var response = e.event.data;
 				//allow the script to intercept the answer, instead of redirecting to another page. (which is really a 90s thing)
-				if(typeof e.url==='function'){
-					var answer=internal.decodeAnswer(response);
-					e.url(answer,_close);
+				if (typeof e.url === 'function'){
+					e.url(evtdata, _close);
 					return;
 				}
 				_close();

From 6a0a47622d548344f586a8c69daee01b43d04c44 Mon Sep 17 00:00:00 2001
From: Shane Logsdon <shane@shanelogsdon.com>
Date: Tue, 7 Sep 2021 23:27:13 -0400
Subject: [PATCH 3/4] add basic code documentation

---
 lib/rxp-hpp.js | 144 +++++++++++++++++++++++++++++++++++++++++++++++--
 1 file changed, 140 insertions(+), 4 deletions(-)

diff --git a/lib/rxp-hpp.js b/lib/rxp-hpp.js
index ef3f065..428fe77 100644
--- a/lib/rxp-hpp.js
+++ b/lib/rxp-hpp.js
@@ -45,8 +45,16 @@ var RealexHpp = (function () {
 
 	var redirectUrl;
 
+	/**
+	 * Shared functionality across lightbox, embedded, and redirect display modes.
+	 */
 	var internal = {
 		evtMsg: [],
+		/**
+		 * Adds a new window message event listener and tracks it for later removal
+		 *
+		 * @param {Function} evtMsgFct
+		 */
 		addEvtMsgListener: function(evtMsgFct) {
 			this.evtMsg.push({ fct: evtMsgFct, opt: false });
 			if (window.addEventListener) {
@@ -55,6 +63,9 @@ var RealexHpp = (function () {
 				window.attachEvent('message', evtMsgFct);
 			}
 		},
+		/**
+		 * Removes a previously set window message event listener
+		 */
 		removeOldEvtMsgListener: function () {
 			if (this.evtMsg.length > 0) {
 				var evt = this.evtMsg.pop();
@@ -65,6 +76,9 @@ var RealexHpp = (function () {
 				}
 			}
         },
+		/**
+		 * Shimmed base64 encode/decode support
+		 */
 		base64:{
 			encode:function(input) {
 				var keyStr = "ABCDEFGHIJKLMNOP" +
@@ -155,6 +169,18 @@ var RealexHpp = (function () {
 				return unescape(output);
 			}
 		},
+		/**
+		 * Converts an HPP message to a developer-friendly version.
+		 *
+		 * The decode process has two steps:
+		 *
+		 * 1. Attempt to parse the string as JSON. If this fails, an error response
+		 *    is provided as we expect that the HPP has errored out to the cardholder
+		 * 2. Attempt to base64 decode the data to cover both HPP versions 1 and 2.
+		 *
+		 * @param {any} answer
+		 * @returns null if answer is not a string, otherwise the data from the HPP
+		 */
 		decodeAnswer:function(answer){ //internal.decodeAnswer
 
 			var _r;
@@ -178,6 +204,13 @@ var RealexHpp = (function () {
 			} catch (e) { /** */ }
 			return _r;
 		},
+		/**
+		 * Creates a new input of type `hidden`. Does not append to DOM.
+		 *
+		 * @param {string} name Name for the new input
+		 * @param {string} value Value for the new input
+		 * @returns the created input
+		 */
 		createFormHiddenInput: function (name, value) {
 			var el = document.createElement("input");
 			el.setAttribute("type", "hidden");
@@ -186,6 +219,11 @@ var RealexHpp = (function () {
 			return el;
 		},
 
+		/**
+		 * Determines a mobile device's orientation for width calculation
+		 *
+		 * @returns true if in landscape
+		 */
 		checkDevicesOrientation: function () {
 			if (window.orientation === 90 || window.orientation === -90) {
 				return true;
@@ -194,6 +232,12 @@ var RealexHpp = (function () {
 			}
 		},
 
+		/**
+		 * Creates a semi-transparent overlay with full width/height to serve as
+		 * a background for the lightbox modal
+		 *
+		 * @returns the created overlay
+		 */
 		createOverlay: function () {
 			var overlay = document.createElement("div");
 			overlay.setAttribute("id", "rxp-overlay-" + randomId);
@@ -221,6 +265,14 @@ var RealexHpp = (function () {
 			return overlay;
 		},
 
+		/**
+		 * Closes a lightbox modal and all associated elements
+		 *
+		 * @param {HTMLImageElement} closeButton
+		 * @param {HTMLIFrameElement} iFrame
+		 * @param {HTMLImageElement} spinner
+		 * @param {HTMLDivElement} overlayElement
+		 */
 		closeModal: function (closeButton, iFrame, spinner, overlayElement) {
 			if (closeButton && closeButton.parentNode) {
 				closeButton.parentNode.removeChild(closeButton);
@@ -246,6 +298,11 @@ var RealexHpp = (function () {
 			}, 300);
 		},
 
+		/**
+		 * Creates a close button for the lightbox modal
+		 *
+		 * @returns the created element
+		 */
 		createCloseButton: function (overlayElement) {
 			if (document.getElementById("rxp-frame-close-" + randomId) !== null) {
 				return;
@@ -272,6 +329,19 @@ var RealexHpp = (function () {
 			return closeButton;
 		},
 
+		/**
+		 * Creates a form and appends the HPP request data as hidden input elements to
+		 * POST to the defined HPP URL.
+		 *
+		 * The created form is not appended to the DOM and is not submitted at this time.
+		 *
+		 * @param {Document} doc
+		 * @param {object} token HPP request data
+		 * @param {bool} ignorePostMessage If true, the HPP will redirect to the defined
+		 * 					defined redirect URL. If false, the HPP will send a postMessage
+		 * 					to the parent window to be handled by this library.
+		 * @returns the created form
+		 */
 		createForm: function (doc, token, ignorePostMessage) {
 			var form = document.createElement("form");
 			form.setAttribute("method", "POST");
@@ -302,6 +372,12 @@ var RealexHpp = (function () {
 			return form;
 		},
 
+		/**
+		 * Creates a visual spinner element to be shown with the lightbox overlay while the
+		 * HPP's iframe loads
+		 *
+		 * @returns the created spinner element
+		 */
 		createSpinner: function () {
 			var spinner = document.createElement("img");
 			spinner.setAttribute("src", "data:image/gif;base64,R0lGODlhHAAcAPYAAP////OQHv338fzw4frfwPjIkPzx4/nVq/jKlfe7dv337/vo0fvn0Pzy5/WrVv38+vjDhva2bfzq1fe/f/vkyve8d/WoT/nRpP327ve9e/zs2vrWrPWqVPWtWfvmzve5cvazZvrdvPjKlPfAgPnOnPvp0/zx5fawYfe+ff317PnTp/nMmfvgwvfBgv39/PrXsPSeO/vjx/jJkvzz6PnNm/vkyfnUqfjLl/revvnQoPSfPfSgP/348/nPnvratfrYsvWlSvSbNPrZs/vhw/zv4P306vrXrvzq1/359f369vjHjvSjRvOXLfORIfOQHvjDh/rduvSaM/jEifvlzPzu3v37+Pvixfzr2Pzt3Pa1afa3b/nQovnSpfaxYvjFi/rbt/rcufWsWPjGjfSjRPShQfjChPOUJva0aPa2a/awX/e6dPWnTfWkSPScNve4cPWpUfSdOvOSI/OVKPayZPe9efauW/WpUvOYL/SiQ/OZMfScOPOTJfavXfWmSwAAAAAAACH/C05FVFNDQVBFMi4wAwEAAAAh/hpDcmVhdGVkIHdpdGggYWpheGxvYWQuaW5mbwAh+QQJCgAAACwAAAAAHAAcAAAH/4AAgoOEhYaHiIUKKYmNh0ofjoklL4RLUQ+DVZmSAAswOYIKTE1UglUCVZ0AGBYwPwBHTU44AFU8PKuCEzpARB5OTjYAPEi5jQYNgzE7QS1ET1JTD7iqgi6chAcOFRsmABUQBoQuSAIALjwpMwqHCBYcJyrHhulF9xiJFx0WMo0Y99o18oBCWSIXKZI0eoBhkaQHEA0JIIAAQoYPKiSlwIKFyIAUnAYUSBAhAogVkmZc0aChIz0ACiQQCLFAEhIMKXhkO8RiRqMqBnYe0iAigwoXiah4KMEI0QIII1rQyHeoypUFWH0aWjABAgkPLigIKUIIiQQNrDQs8EC2EAMKBlIV9EBgRAHWFEes1DiWpIjWRDVurCCCBAqUGUhqxEC7yoUNBENg4sChbICVaasw3PCBNAkLHAI1DBEoyQSObDGGZMPyV5egElNcNxJAVbZtQoEAACH5BAkKAAAALAAAAAAcABwAAAf/gACCg4SFhoeIhUVFiY2HYlKOiUdDgw9hDg+DPjWSgh4WX4JYY2MagipOBJ4AGF0OnTVkZDEAX05mDawAXg5dGCxBQQRFTE5djkQYgwxhFghYSjIDZU6qgy6ahS8RSj6MEyImhAoFHYJJPAJIhz1ZERVfCi6HVelISDyJNloRCI08ArJrdEQKEUcKtCF6oEDBDEkPIhoSwEKFDCktDkhyuAgDD3oADOR40qIFCi4bZywqkqIKISRYKAwpIalKwCQgD7kYMi6RC0aOsGxB8KLRDA1YBCQqsaLpBqU6DSDVsMzQFRkkXhwBcIUBVHREDmIYgOWKAkMMSpwFwINAiCkCTI5cEaCBwYKBVTAAnYQjBAYFVqx4XLBgwK6dIa4AUFCjxjIDDCTkdIQBzAJBPBrrA0DFw2ZJM2gKcjGFgsIBa3cNOrJVdaKArmMbCgQAIfkECQoAAAAsAAAAABwAHAAAB/+AAIKDhIWGh4iFRSmJjYckK46JEjWECWqEQgSSghJnIYIzaSdFghdRQ5wAPBlalRIdHUcALzBrGKoAPVoJPBQWa1MNbDsJjgOMggtaaDkaCDREKG06OIMDHoYhEzRgpTQiWIQmCJhUEGxOT4dGEy1SYMmGLgVmTk5uiWBlLTQuiSTutXBERcSVRi5OWEtUBUMKE6r+FeJR48cFEjdeSEoigIfHJBIb/MixYgWCDZKQeFz5gFAVE0cWHHRUJUmSKhIRHSnVCENORCZYhJjys5CAGUWQJCISAsdQHolSLCoC1ZABMASmGACApYQCQg+kAkCCocgMpYWIGEBLMQYDBVRMiPAwoUFDEkEPPDrCUiOGAAUePCioogFLg1wuPMSgAkDAggUCAMzQwFiVgCEzkzy+C6DBFbSSiogbJEECoQZfcxEiUlk1IpWuYxsKBAAh+QQJCgAAACwAAAAAHAAcAAAH/4AAgoOEhYaHiIUzDYmNhxckjolXVoQQIy6DX5WSAFQZIYIKFQlFgjZrU50ASUojMZ4fblcAUBxdCqsALy1PKRpoZ0czJ2FKjgYpmQBEZSNbAys5DUpvDh6CVVdDy4M1IiohMwBcKwOEGFwQABIjYW3HhiwIKzQEM0mISmQ7cCOJU2is4PIgUQ44OxA4wrDhSKMqKEo0QpJCQZFuiIqwmGKiUJIrMQjgCFFDUggnTuKQKWNAEA8GLHCMLOkIB0oncuZgIfTAYooUkky8CLEASaIqwxzlczSjRgwGE3nwWHqISAynEowiEsADSddDBoZQOAKUigYehQQAreJVgFZCM1JSVBGEZMGCK1UapEiCoUiRpS6qzG00wO5UDVd4PPCba5ULCQw68tBwFoAAvxgbCfBARNADLFgGK8C3CsO5QUSoEFLwVpcgEy1dJ0LSWrZtQYEAACH5BAkKAAAALAAAAAAcABwAAAf/gACCg4SFhoeIhRgziY2HQgeOiUQ1hDcyLoNgFJKCJiIEggpSEIwALyALnQBVFzdTAANlZVcAQxEVCqsABCs0ClgTKCUCFVo9jg0pVYIpNDc/VBcqRFtZWrUASAtDhlhgLCUpAFAq2Z4XJAAaK2drW4dHITg4CwrMhg8IHQ52CIlUCISw8iARlzd1IjVCwsBEowciBjRKogDDOEdEQsSgUnAQEg0MasSwwkCSiig7loRBcURQEg0eatQgKekASjwcMpQohCRFkYuNDHwhcCVJoipYMDhSosHRjAULWib64STOjUQGGEDVgO8QHSdgMxxq4KEEFQEAZhjo6JEHAAZqUu44EWNIgQB8LzWYqKJAQRIegDsqiPElGRauSWbMQOKCBxK3q1xQ0VCEVZEiSAD85ZGpE5IrDgE8uIwPyd1VAkw1q+yx6y5RSl8nesBWtu1BgQAAIfkECQoAAAAsAAAAABwAHAAAB/+AAIKDhIWGh4iFGEWJjYcEX46JDUeEG1sPgwQlkoIYUAuCPD00M4JfGVedAC5DIRoAMzQrWAA1I14CqwBHODg8JggiVwpPLQeORSlVor4UJj8/RDYTZUSCAiUxLoUGQxRHGABXMSaEA1wqABoXdCAvh0QxNTUlPNyGSDluWhHqiCYoxPCQCRGXLGrAOEoiwVQiJBdSNEKiAIM4R1SGTCFSUFASKhIWLGCgypGKNWHqoJECC0CSAUdEMmjZaMOaDmncILhGKIkABbocmfAgoUGjByaQOGrBwFEKLBrMJbIBh4yMSRqgmsB3CAKZHXAyHCpyBUtSABa5sjoAAoAECG9QgngxJAAJvgdF8lbhwQOAEidOYghSMCVEx0MK8j7Ye4+IHCdzdgHIq+sBX2YHnJhxKCnJjIsuBPAo+BfKqiQKCPEllCOS5EFIlL5OpHa27UAAIfkECQoAAAAsAAAAABwAHAAAB/+AAIKDhIWGh4iFPBiJjYdXDI6JAlSENUMugx4akoJIVpwAVQQ4AoI1Mgadgh5WRAAKOCENAEc3PTyrABo1NQICIVAzPD00Qo4YCg+evR4YFBRFQjcrA4JJWAuGMx4lVAoAV1O0g1QbPgADP0oZYIcmDAsLGjyZhikqZS0Tx4gz8hLsGXJxYQQEAo6SaDCVCMMFE40e8ECSRJKBI0eKCASQxAQRLBo0WHPE5YwbNS1oVOLoEeQViI6MmEwwgsYrQhIpSiqi4UqKjYUeYAAaVMkRRzyKFGGU6IedDjYSKSiSgirRQTLChLGD4JCAGUsrTixU5QCdWivOrNliiKI9iRNNZ3wBY0KKHh1DPJVggRRJrhhOnBgxwIYMGl0AeIw9EjgEACMw2JCT5EKxIAxynFwRhCBKjFUSCQHJs0xQjy+ICbXoUuhqJyIlUss2FAgAIfkECQoAAAAsAAAAABwAHAAAB/+AAIKDhIWGh4iFVQKJjYdEDI6JPESECzVVg0RUkoJVHliCLlMxCoJUYAadglcMAwBJFDFFAA0hBEirACYLCwpJMVYNDyw4U44CPA+CSb0SPAsMKUdQIaqwDVguhQpXWAOmJhIYhBhTx0UhWyIEhykaWBoGSYgKUCQrCCGJCvHXhy583FhRw1GVBvQSpRAyo1GVJFUyORpw5IqBXINcYCjCsUgKST9QlCkjhss1jR1nfHT0BQUEKQUOmCjk4gFESSkGmEixDJELZY14iDjiKAkPJDwa+UDjZkMipEgZIUqyIYGWLDR6EkqSjEcmJTeSDuLxY8QuLi2ybDFUReuAPU5W+KTgkkOCCgsc9gF4wEvrISlOnLAgAiePCgFnHKDQBQCIkycADADR4QPAFAd8Gqwy4ESLIAF2dlAQ5KMPlFULpBACgUezIChfGBOiAUJ2oiJXbOsmFAgAIfkECQoAAAAsAAAAABwAHAAAB/+AAIKDhIWGh4iFDzyJjYcNEo6JSAaEGgtJgyZEkoIPGgODEgwKggZDJp2CAxoNAA8lDEUAKTE1jKopWBoKDwsMMw9TNQuOSUkuglVYWERJWFe6VjGuAFUKJsmESDNFKUgAGAaZgwKxAAILLFDFhjzeRUVViEgSBDghDJPxKY0LISGuOHKBYd4kD6USPVj4QJIJKkQakBvEo2JFAZJCiFhBI4eQVIKQWKwoCQcCGj0ufJlRyEXDTkVmzOiViIgblokU0IjU6EUeJy0a/ZjQQshLQ1ucKE2Dy5ACMFJaTLhgkNAXJ3m6DAFwwwtOQQpeeAnnA8EEG4Y8MMBlgA2cEylSVORY8OVMhBCDihw5emiFDh1gFITp8+LBCC1jVQE40+YJAAUgOOA94sZNqE4mYKiZVyWCA30ArJzB20mClKMtOnylAEVxIR8VXDfiQUW2bUOBAAAh+QQJCgAAACwAAAAAHAAcAAAH/4AAgoOEhYaHiIUuAomNhwpUjokPKYQGGkmDKSaSgi4zlYJUGowAMx4NnYIYRZVVWFiVCgsLPKoAAkVFSA8aGhgAJQtHjg9VLp6tM0kNJjwGDAupAC48RciEVQI8PJkCKdiCrxIASRpTVuSGSTxIPAJViElYNTUxJYna7o1HMTEakqo8aMTDg4JGM6aAYSApRYoiAsIBwABhzB4nTiZIkgAFB44hDGYIUgCBjRyMGh1x9GglZCEMC4ZckYRBQRFbiTDQAZgohQ0ijkKs0TOiEZQbKwhIJLRBxw4dXaYZwmClx4obP5YCINCGTZYQAIx4CTVyg4xqLLggEGLIA4VpCldAcNDS4AIJBkNQtGAhiBKRgYmMOHDAQoGWM2AAyCiz4haAEW+8TKygBSyWMmUMqOJRpwWyBy0iUBDkIQPfTiZIxBNEA41mQRIIOCYUo8zsRDx43t4tKBAAIfkECQoAAAAsAAAAABwAHAAAB/+AAIKDhIWGh4iGSYmMh0gzjYkuPIQYRQ+DPA2RgwKUgilFSIICV5ucAEhIn6ECqVgarqhJPDyLRUUKAFRYVI1HMZAALgJIAg8KGDwKGlinAEkKLoU1Tnt1BABVAtOEKb4PBhIMR4c+cU5OaymILiYlCwtHmIcxQU4fjAYMDFjdiApQSGBU5QgGRjOmEFgQCUMKZf8AKLgBAgiZNvkaURkSo8aUI+wAYJDSYcyONloibexIoYQwQS6oEPgxpOGMXPQOPdjCMFESCgcZHdFiYUROQ0dChCgRkRCFOg4cRMCCiIcGAjhCUDgq6AiHDhWyxShAhJACKFweJJHAAgoFQ1dfrAwQlKRMhAwpfnCZMkXEihqCHmAwUIXRkAgRoLiQgsIHABsrVDRl1OPMDQAPZIzAAcAEjRVzOT2gI+XTjREMBF0RUZMThhyyAGyYYGCQhtaoCJVQMjk3ISQafAtHFAgAIfkECQoAAAAsAAAAABwAHAAAB/+AAIKDhIWGh4iGD4mMh1UCjYkNXlWDSQKVgo+Rgkl3HZkCSEmdMwqcgnNOWoI8SDwAD0VFSKgAP05ONgACPLApKUUujAsesABIek46CkmuAjNFp4IPPIuEQ3p2dDgAJBEmhdAuLikDGljDhTY6OjtZM4guAlRYWFSZhmB9cF3Xhxg0aBjw75ABNVYaGcDACEkDA+EaVUmSJJ8gF2AmgDgRBkWkGQwWlJBA5ViSG3PqOHiTIFIDDwtESkhBqAqRKTgoROJRJAUmRlA8MHoggSEjA16yQKiFiEqMGFgSXaETQcsEKoiSYIlRI0YJdYRMuIkgxYcLCSs0gEVyxcq8K1NhhpQwxCDEgEE3WrQggsPHFCpQcGCNlYKIRUNXyrTA4aIHAigArOAYUrDRhgk0yF1YQQBAChwhGqB6IEbJNCMIpggaAOYKKgwXjAJggSAiAANHbBW6kgMsAN+6q7jWTfxQIAA7AAAAAAAAAAAA");
@@ -317,6 +393,14 @@ var RealexHpp = (function () {
 			return spinner;
 		},
 
+		/**
+		 * Creates the HPP's form, spinner, iframe, and close button, appends them
+		 * to the DOM, and submits the form to load the HPP
+		 *
+		 * @param {HTMLDivElement} overlayElement
+		 * @param {object} token The HPP request data
+		 * @returns an object with the created spinner, iframe, and close button
+		 */
 		createIFrame: function (overlayElement, token) {
 			//Create the spinner
 			var spinner = internal.createSpinner();
@@ -397,6 +481,18 @@ var RealexHpp = (function () {
 			};
 		},
 
+		/**
+		 * Opens the HPP in a new window
+		 *
+		 * Used in some mobile scenarios or when the browser viewport is
+		 * smaller than the HPP's inner width.
+		 *
+		 * Will automatically post the request data to the defined HPP
+		 * URL to load the HPP.
+		 *
+		 * @param {object} token The HPP request data
+		 * @returns the created window
+		 */
 		openWindow: function (token) {
 			//open new window
 			var tabWindow = window.open();
@@ -427,20 +523,51 @@ var RealexHpp = (function () {
 			return tabWindow;
 		},
 
+		/**
+		 * Creates a rudimentary URL parser using an anchor element
+		 *
+		 * @param {string} url
+		 * @returns the created anchor element
+		 */
 		getUrlParser: function (url) {
 			var parser = document.createElement('a');
 			parser.href = url;
 			return parser;
 		},
 
+		/**
+		 * Gets the hostname/origin from a URL. Used for origin checks
+		 *
+		 * @param {string} url
+		 * @returns the hostname/origin of the URL
+		 */
 		getHostnameFromUrl: function (url) {
-      return internal.getUrlParser(url).hostname;
+			return internal.getUrlParser(url).hostname;
 		},
 
+		/**
+		 * Compares the origins from both arguments to validate we have received a postMessage
+		 * from the expected source
+		 *
+		 * @param {string} origin The origin attached to the recieved message
+		 * @param {string} hppUrl Our expected source origin
+		 * @returns true if the origins match
+		 */
 		isMessageFromHpp: function (origin, hppUrl) {
 			return internal.getHostnameFromUrl(origin) === internal.getHostnameFromUrl(hppUrl);
 		},
 
+		/**
+		 * Handles messages from the HPP
+		 *
+		 * Messages from the HPP are one of:
+		 *
+		 * - iframe resize event
+		 * - transaction response
+		 * - error information
+		 *
+		 * @param {MessageEvent} e
+		 */
 		receiveMessage: function (e) {
 			//Check the origin of the response comes from HPP
 			if (!internal.isMessageFromHpp(e.event.origin, hppUrl)) {
@@ -542,7 +669,9 @@ var RealexHpp = (function () {
 		}
 	};
 
-	// Initialising some variables used throughout this file.
+	/**
+	 * Public interface for the lightbox display mode
+	 */
 	var RxpLightbox = (function () {
 		var instance;
 
@@ -621,7 +750,9 @@ var RealexHpp = (function () {
 		};
 	})();
 
-	// Initialising some variables used throughout this file.
+	/**
+	 * Public interface for the embedded display mode
+	 */
 	var RxpEmbedded = (function () {
 		var instance;
 
@@ -700,6 +831,9 @@ var RealexHpp = (function () {
 		};
 	})();
 
+	/**
+	 * Public interface for the redirect display mode
+	 */
 	var RxpRedirect = (function () {
 		var instance;
 
@@ -766,7 +900,9 @@ var RealexHpp = (function () {
 		};
 	}());
 
-	// RealexHpp
+	/**
+	 * Public interface for the Realex HPP library
+	 */
 	return {
 		init: RxpLightbox.init,
 		lightbox: {

From 511c5ff8e6ea3242ff8f9b1e9bca6b2ed41f970c Mon Sep 17 00:00:00 2001
From: Shane Logsdon <shane@shanelogsdon.com>
Date: Tue, 7 Sep 2021 23:27:38 -0400
Subject: [PATCH 4/4] increment the version

---
 dist/rxp-js.js     | 171 ++++++++++++++++++++++++++++++++++++++++++---
 dist/rxp-js.min.js |   4 +-
 package.json       |   2 +-
 3 files changed, 164 insertions(+), 13 deletions(-)

diff --git a/dist/rxp-js.js b/dist/rxp-js.js
index 6b7b1ef..ba1ada7 100644
--- a/dist/rxp-js.js
+++ b/dist/rxp-js.js
@@ -1,4 +1,4 @@
-/*! rxp-js - v1.5.0 - 2021-07-27
+/*! rxp-js - v1.5.1 - 2021-09-07
  * The official Realex Payments JS Library
  * https://github.com/realexpayments/rxp-js
  * Licensed MIT
@@ -49,8 +49,16 @@ var RealexHpp = (function () {
 
 	var redirectUrl;
 
+	/**
+	 * Shared functionality across lightbox, embedded, and redirect display modes.
+	 */
 	var internal = {
 		evtMsg: [],
+		/**
+		 * Adds a new window message event listener and tracks it for later removal
+		 *
+		 * @param {Function} evtMsgFct
+		 */
 		addEvtMsgListener: function(evtMsgFct) {
 			this.evtMsg.push({ fct: evtMsgFct, opt: false });
 			if (window.addEventListener) {
@@ -59,6 +67,9 @@ var RealexHpp = (function () {
 				window.attachEvent('message', evtMsgFct);
 			}
 		},
+		/**
+		 * Removes a previously set window message event listener
+		 */
 		removeOldEvtMsgListener: function () {
 			if (this.evtMsg.length > 0) {
 				var evt = this.evtMsg.pop();
@@ -69,6 +80,9 @@ var RealexHpp = (function () {
 				}
 			}
         },
+		/**
+		 * Shimmed base64 encode/decode support
+		 */
 		base64:{
 			encode:function(input) {
 				var keyStr = "ABCDEFGHIJKLMNOP" +
@@ -159,10 +173,26 @@ var RealexHpp = (function () {
 				return unescape(output);
 			}
 		},
+		/**
+		 * Converts an HPP message to a developer-friendly version.
+		 *
+		 * The decode process has two steps:
+		 *
+		 * 1. Attempt to parse the string as JSON. If this fails, an error response
+		 *    is provided as we expect that the HPP has errored out to the cardholder
+		 * 2. Attempt to base64 decode the data to cover both HPP versions 1 and 2.
+		 *
+		 * @param {any} answer
+		 * @returns null if answer is not a string, otherwise the data from the HPP
+		 */
 		decodeAnswer:function(answer){ //internal.decodeAnswer
 
 			var _r;
 
+			if (typeof answer !== "string") {
+				return null;
+			}
+
 			try {
 				_r=JSON.parse(answer);
 			} catch (e) {
@@ -178,6 +208,13 @@ var RealexHpp = (function () {
 			} catch (e) { /** */ }
 			return _r;
 		},
+		/**
+		 * Creates a new input of type `hidden`. Does not append to DOM.
+		 *
+		 * @param {string} name Name for the new input
+		 * @param {string} value Value for the new input
+		 * @returns the created input
+		 */
 		createFormHiddenInput: function (name, value) {
 			var el = document.createElement("input");
 			el.setAttribute("type", "hidden");
@@ -186,6 +223,11 @@ var RealexHpp = (function () {
 			return el;
 		},
 
+		/**
+		 * Determines a mobile device's orientation for width calculation
+		 *
+		 * @returns true if in landscape
+		 */
 		checkDevicesOrientation: function () {
 			if (window.orientation === 90 || window.orientation === -90) {
 				return true;
@@ -194,6 +236,12 @@ var RealexHpp = (function () {
 			}
 		},
 
+		/**
+		 * Creates a semi-transparent overlay with full width/height to serve as
+		 * a background for the lightbox modal
+		 *
+		 * @returns the created overlay
+		 */
 		createOverlay: function () {
 			var overlay = document.createElement("div");
 			overlay.setAttribute("id", "rxp-overlay-" + randomId);
@@ -221,6 +269,14 @@ var RealexHpp = (function () {
 			return overlay;
 		},
 
+		/**
+		 * Closes a lightbox modal and all associated elements
+		 *
+		 * @param {HTMLImageElement} closeButton
+		 * @param {HTMLIFrameElement} iFrame
+		 * @param {HTMLImageElement} spinner
+		 * @param {HTMLDivElement} overlayElement
+		 */
 		closeModal: function (closeButton, iFrame, spinner, overlayElement) {
 			if (closeButton && closeButton.parentNode) {
 				closeButton.parentNode.removeChild(closeButton);
@@ -246,6 +302,11 @@ var RealexHpp = (function () {
 			}, 300);
 		},
 
+		/**
+		 * Creates a close button for the lightbox modal
+		 *
+		 * @returns the created element
+		 */
 		createCloseButton: function (overlayElement) {
 			if (document.getElementById("rxp-frame-close-" + randomId) !== null) {
 				return;
@@ -272,6 +333,19 @@ var RealexHpp = (function () {
 			return closeButton;
 		},
 
+		/**
+		 * Creates a form and appends the HPP request data as hidden input elements to
+		 * POST to the defined HPP URL.
+		 *
+		 * The created form is not appended to the DOM and is not submitted at this time.
+		 *
+		 * @param {Document} doc
+		 * @param {object} token HPP request data
+		 * @param {bool} ignorePostMessage If true, the HPP will redirect to the defined
+		 * 					defined redirect URL. If false, the HPP will send a postMessage
+		 * 					to the parent window to be handled by this library.
+		 * @returns the created form
+		 */
 		createForm: function (doc, token, ignorePostMessage) {
 			var form = document.createElement("form");
 			form.setAttribute("method", "POST");
@@ -302,6 +376,12 @@ var RealexHpp = (function () {
 			return form;
 		},
 
+		/**
+		 * Creates a visual spinner element to be shown with the lightbox overlay while the
+		 * HPP's iframe loads
+		 *
+		 * @returns the created spinner element
+		 */
 		createSpinner: function () {
 			var spinner = document.createElement("img");
 			spinner.setAttribute("src", "data:image/gif;base64,R0lGODlhHAAcAPYAAP////OQHv338fzw4frfwPjIkPzx4/nVq/jKlfe7dv337/vo0fvn0Pzy5/WrVv38+vjDhva2bfzq1fe/f/vkyve8d/WoT/nRpP327ve9e/zs2vrWrPWqVPWtWfvmzve5cvazZvrdvPjKlPfAgPnOnPvp0/zx5fawYfe+ff317PnTp/nMmfvgwvfBgv39/PrXsPSeO/vjx/jJkvzz6PnNm/vkyfnUqfjLl/revvnQoPSfPfSgP/348/nPnvratfrYsvWlSvSbNPrZs/vhw/zv4P306vrXrvzq1/359f369vjHjvSjRvOXLfORIfOQHvjDh/rduvSaM/jEifvlzPzu3v37+Pvixfzr2Pzt3Pa1afa3b/nQovnSpfaxYvjFi/rbt/rcufWsWPjGjfSjRPShQfjChPOUJva0aPa2a/awX/e6dPWnTfWkSPScNve4cPWpUfSdOvOSI/OVKPayZPe9efauW/WpUvOYL/SiQ/OZMfScOPOTJfavXfWmSwAAAAAAACH/C05FVFNDQVBFMi4wAwEAAAAh/hpDcmVhdGVkIHdpdGggYWpheGxvYWQuaW5mbwAh+QQJCgAAACwAAAAAHAAcAAAH/4AAgoOEhYaHiIUKKYmNh0ofjoklL4RLUQ+DVZmSAAswOYIKTE1UglUCVZ0AGBYwPwBHTU44AFU8PKuCEzpARB5OTjYAPEi5jQYNgzE7QS1ET1JTD7iqgi6chAcOFRsmABUQBoQuSAIALjwpMwqHCBYcJyrHhulF9xiJFx0WMo0Y99o18oBCWSIXKZI0eoBhkaQHEA0JIIAAQoYPKiSlwIKFyIAUnAYUSBAhAogVkmZc0aChIz0ACiQQCLFAEhIMKXhkO8RiRqMqBnYe0iAigwoXiah4KMEI0QIII1rQyHeoypUFWH0aWjABAgkPLigIKUIIiQQNrDQs8EC2EAMKBlIV9EBgRAHWFEes1DiWpIjWRDVurCCCBAqUGUhqxEC7yoUNBENg4sChbICVaasw3PCBNAkLHAI1DBEoyQSObDGGZMPyV5egElNcNxJAVbZtQoEAACH5BAkKAAAALAAAAAAcABwAAAf/gACCg4SFhoeIhUVFiY2HYlKOiUdDgw9hDg+DPjWSgh4WX4JYY2MagipOBJ4AGF0OnTVkZDEAX05mDawAXg5dGCxBQQRFTE5djkQYgwxhFghYSjIDZU6qgy6ahS8RSj6MEyImhAoFHYJJPAJIhz1ZERVfCi6HVelISDyJNloRCI08ArJrdEQKEUcKtCF6oEDBDEkPIhoSwEKFDCktDkhyuAgDD3oADOR40qIFCi4bZywqkqIKISRYKAwpIalKwCQgD7kYMi6RC0aOsGxB8KLRDA1YBCQqsaLpBqU6DSDVsMzQFRkkXhwBcIUBVHREDmIYgOWKAkMMSpwFwINAiCkCTI5cEaCBwYKBVTAAnYQjBAYFVqx4XLBgwK6dIa4AUFCjxjIDDCTkdIQBzAJBPBrrA0DFw2ZJM2gKcjGFgsIBa3cNOrJVdaKArmMbCgQAIfkECQoAAAAsAAAAABwAHAAAB/+AAIKDhIWGh4iFRSmJjYckK46JEjWECWqEQgSSghJnIYIzaSdFghdRQ5wAPBlalRIdHUcALzBrGKoAPVoJPBQWa1MNbDsJjgOMggtaaDkaCDREKG06OIMDHoYhEzRgpTQiWIQmCJhUEGxOT4dGEy1SYMmGLgVmTk5uiWBlLTQuiSTutXBERcSVRi5OWEtUBUMKE6r+FeJR48cFEjdeSEoigIfHJBIb/MixYgWCDZKQeFz5gFAVE0cWHHRUJUmSKhIRHSnVCENORCZYhJjys5CAGUWQJCISAsdQHolSLCoC1ZABMASmGACApYQCQg+kAkCCocgMpYWIGEBLMQYDBVRMiPAwoUFDEkEPPDrCUiOGAAUePCioogFLg1wuPMSgAkDAggUCAMzQwFiVgCEzkzy+C6DBFbSSiogbJEECoQZfcxEiUlk1IpWuYxsKBAAh+QQJCgAAACwAAAAAHAAcAAAH/4AAgoOEhYaHiIUzDYmNhxckjolXVoQQIy6DX5WSAFQZIYIKFQlFgjZrU50ASUojMZ4fblcAUBxdCqsALy1PKRpoZ0czJ2FKjgYpmQBEZSNbAys5DUpvDh6CVVdDy4M1IiohMwBcKwOEGFwQABIjYW3HhiwIKzQEM0mISmQ7cCOJU2is4PIgUQ44OxA4wrDhSKMqKEo0QpJCQZFuiIqwmGKiUJIrMQjgCFFDUggnTuKQKWNAEA8GLHCMLOkIB0oncuZgIfTAYooUkky8CLEASaIqwxzlczSjRgwGE3nwWHqISAynEowiEsADSddDBoZQOAKUigYehQQAreJVgFZCM1JSVBGEZMGCK1UapEiCoUiRpS6qzG00wO5UDVd4PPCba5ULCQw68tBwFoAAvxgbCfBARNADLFgGK8C3CsO5QUSoEFLwVpcgEy1dJ0LSWrZtQYEAACH5BAkKAAAALAAAAAAcABwAAAf/gACCg4SFhoeIhRgziY2HQgeOiUQ1hDcyLoNgFJKCJiIEggpSEIwALyALnQBVFzdTAANlZVcAQxEVCqsABCs0ClgTKCUCFVo9jg0pVYIpNDc/VBcqRFtZWrUASAtDhlhgLCUpAFAq2Z4XJAAaK2drW4dHITg4CwrMhg8IHQ52CIlUCISw8iARlzd1IjVCwsBEowciBjRKogDDOEdEQsSgUnAQEg0MasSwwkCSiig7loRBcURQEg0eatQgKekASjwcMpQohCRFkYuNDHwhcCVJoipYMDhSosHRjAULWib64STOjUQGGEDVgO8QHSdgMxxq4KEEFQEAZhjo6JEHAAZqUu44EWNIgQB8LzWYqKJAQRIegDsqiPElGRauSWbMQOKCBxK3q1xQ0VCEVZEiSAD85ZGpE5IrDgE8uIwPyd1VAkw1q+yx6y5RSl8nesBWtu1BgQAAIfkECQoAAAAsAAAAABwAHAAAB/+AAIKDhIWGh4iFGEWJjYcEX46JDUeEG1sPgwQlkoIYUAuCPD00M4JfGVedAC5DIRoAMzQrWAA1I14CqwBHODg8JggiVwpPLQeORSlVor4UJj8/RDYTZUSCAiUxLoUGQxRHGABXMSaEA1wqABoXdCAvh0QxNTUlPNyGSDluWhHqiCYoxPCQCRGXLGrAOEoiwVQiJBdSNEKiAIM4R1SGTCFSUFASKhIWLGCgypGKNWHqoJECC0CSAUdEMmjZaMOaDmncILhGKIkABbocmfAgoUGjByaQOGrBwFEKLBrMJbIBh4yMSRqgmsB3CAKZHXAyHCpyBUtSABa5sjoAAoAECG9QgngxJAAJvgdF8lbhwQOAEidOYghSMCVEx0MK8j7Ye4+IHCdzdgHIq+sBX2YHnJhxKCnJjIsuBPAo+BfKqiQKCPEllCOS5EFIlL5OpHa27UAAIfkECQoAAAAsAAAAABwAHAAAB/+AAIKDhIWGh4iFPBiJjYdXDI6JAlSENUMugx4akoJIVpwAVQQ4AoI1Mgadgh5WRAAKOCENAEc3PTyrABo1NQICIVAzPD00Qo4YCg+evR4YFBRFQjcrA4JJWAuGMx4lVAoAV1O0g1QbPgADP0oZYIcmDAsLGjyZhikqZS0Tx4gz8hLsGXJxYQQEAo6SaDCVCMMFE40e8ECSRJKBI0eKCASQxAQRLBo0WHPE5YwbNS1oVOLoEeQViI6MmEwwgsYrQhIpSiqi4UqKjYUeYAAaVMkRRzyKFGGU6IedDjYSKSiSgirRQTLChLGD4JCAGUsrTixU5QCdWivOrNliiKI9iRNNZ3wBY0KKHh1DPJVggRRJrhhOnBgxwIYMGl0AeIw9EjgEACMw2JCT5EKxIAxynFwRhCBKjFUSCQHJs0xQjy+ICbXoUuhqJyIlUss2FAgAIfkECQoAAAAsAAAAABwAHAAAB/+AAIKDhIWGh4iFVQKJjYdEDI6JPESECzVVg0RUkoJVHliCLlMxCoJUYAadglcMAwBJFDFFAA0hBEirACYLCwpJMVYNDyw4U44CPA+CSb0SPAsMKUdQIaqwDVguhQpXWAOmJhIYhBhTx0UhWyIEhykaWBoGSYgKUCQrCCGJCvHXhy583FhRw1GVBvQSpRAyo1GVJFUyORpw5IqBXINcYCjCsUgKST9QlCkjhss1jR1nfHT0BQUEKQUOmCjk4gFESSkGmEixDJELZY14iDjiKAkPJDwa+UDjZkMipEgZIUqyIYGWLDR6EkqSjEcmJTeSDuLxY8QuLi2ybDFUReuAPU5W+KTgkkOCCgsc9gF4wEvrISlOnLAgAiePCgFnHKDQBQCIkycADADR4QPAFAd8Gqwy4ESLIAF2dlAQ5KMPlFULpBACgUezIChfGBOiAUJ2oiJXbOsmFAgAIfkECQoAAAAsAAAAABwAHAAAB/+AAIKDhIWGh4iFDzyJjYcNEo6JSAaEGgtJgyZEkoIPGgODEgwKggZDJp2CAxoNAA8lDEUAKTE1jKopWBoKDwsMMw9TNQuOSUkuglVYWERJWFe6VjGuAFUKJsmESDNFKUgAGAaZgwKxAAILLFDFhjzeRUVViEgSBDghDJPxKY0LISGuOHKBYd4kD6USPVj4QJIJKkQakBvEo2JFAZJCiFhBI4eQVIKQWKwoCQcCGj0ufJlRyEXDTkVmzOiViIgblokU0IjU6EUeJy0a/ZjQQshLQ1ucKE2Dy5ACMFJaTLhgkNAXJ3m6DAFwwwtOQQpeeAnnA8EEG4Y8MMBlgA2cEylSVORY8OVMhBCDihw5emiFDh1gFITp8+LBCC1jVQE40+YJAAUgOOA94sZNqE4mYKiZVyWCA30ArJzB20mClKMtOnylAEVxIR8VXDfiQUW2bUOBAAAh+QQJCgAAACwAAAAAHAAcAAAH/4AAgoOEhYaHiIUuAomNhwpUjokPKYQGGkmDKSaSgi4zlYJUGowAMx4NnYIYRZVVWFiVCgsLPKoAAkVFSA8aGhgAJQtHjg9VLp6tM0kNJjwGDAupAC48RciEVQI8PJkCKdiCrxIASRpTVuSGSTxIPAJViElYNTUxJYna7o1HMTEakqo8aMTDg4JGM6aAYSApRYoiAsIBwABhzB4nTiZIkgAFB44hDGYIUgCBjRyMGh1x9GglZCEMC4ZckYRBQRFbiTDQAZgohQ0ijkKs0TOiEZQbKwhIJLRBxw4dXaYZwmClx4obP5YCINCGTZYQAIx4CTVyg4xqLLggEGLIA4VpCldAcNDS4AIJBkNQtGAhiBKRgYmMOHDAQoGWM2AAyCiz4haAEW+8TKygBSyWMmUMqOJRpwWyBy0iUBDkIQPfTiZIxBNEA41mQRIIOCYUo8zsRDx43t4tKBAAIfkECQoAAAAsAAAAABwAHAAAB/+AAIKDhIWGh4iGSYmMh0gzjYkuPIQYRQ+DPA2RgwKUgilFSIICV5ucAEhIn6ECqVgarqhJPDyLRUUKAFRYVI1HMZAALgJIAg8KGDwKGlinAEkKLoU1Tnt1BABVAtOEKb4PBhIMR4c+cU5OaymILiYlCwtHmIcxQU4fjAYMDFjdiApQSGBU5QgGRjOmEFgQCUMKZf8AKLgBAgiZNvkaURkSo8aUI+wAYJDSYcyONloibexIoYQwQS6oEPgxpOGMXPQOPdjCMFESCgcZHdFiYUROQ0dChCgRkRCFOg4cRMCCiIcGAjhCUDgq6AiHDhWyxShAhJACKFweJJHAAgoFQ1dfrAwQlKRMhAwpfnCZMkXEihqCHmAwUIXRkAgRoLiQgsIHABsrVDRl1OPMDQAPZIzAAcAEjRVzOT2gI+XTjREMBF0RUZMThhyyAGyYYGCQhtaoCJVQMjk3ISQafAtHFAgAIfkECQoAAAAsAAAAABwAHAAAB/+AAIKDhIWGh4iGD4mMh1UCjYkNXlWDSQKVgo+Rgkl3HZkCSEmdMwqcgnNOWoI8SDwAD0VFSKgAP05ONgACPLApKUUujAsesABIek46CkmuAjNFp4IPPIuEQ3p2dDgAJBEmhdAuLikDGljDhTY6OjtZM4guAlRYWFSZhmB9cF3Xhxg0aBjw75ABNVYaGcDACEkDA+EaVUmSJJ8gF2AmgDgRBkWkGQwWlJBA5ViSG3PqOHiTIFIDDwtESkhBqAqRKTgoROJRJAUmRlA8MHoggSEjA16yQKiFiEqMGFgSXaETQcsEKoiSYIlRI0YJdYRMuIkgxYcLCSs0gEVyxcq8K1NhhpQwxCDEgEE3WrQggsPHFCpQcGCNlYKIRUNXyrTA4aIHAigArOAYUrDRhgk0yF1YQQBAChwhGqB6IEbJNCMIpggaAOYKKgwXjAJggSAiAANHbBW6kgMsAN+6q7jWTfxQIAA7AAAAAAAAAAAA");
@@ -317,6 +397,14 @@ var RealexHpp = (function () {
 			return spinner;
 		},
 
+		/**
+		 * Creates the HPP's form, spinner, iframe, and close button, appends them
+		 * to the DOM, and submits the form to load the HPP
+		 *
+		 * @param {HTMLDivElement} overlayElement
+		 * @param {object} token The HPP request data
+		 * @returns an object with the created spinner, iframe, and close button
+		 */
 		createIFrame: function (overlayElement, token) {
 			//Create the spinner
 			var spinner = internal.createSpinner();
@@ -397,6 +485,18 @@ var RealexHpp = (function () {
 			};
 		},
 
+		/**
+		 * Opens the HPP in a new window
+		 *
+		 * Used in some mobile scenarios or when the browser viewport is
+		 * smaller than the HPP's inner width.
+		 *
+		 * Will automatically post the request data to the defined HPP
+		 * URL to load the HPP.
+		 *
+		 * @param {object} token The HPP request data
+		 * @returns the created window
+		 */
 		openWindow: function (token) {
 			//open new window
 			var tabWindow = window.open();
@@ -427,28 +527,71 @@ var RealexHpp = (function () {
 			return tabWindow;
 		},
 
+		/**
+		 * Creates a rudimentary URL parser using an anchor element
+		 *
+		 * @param {string} url
+		 * @returns the created anchor element
+		 */
 		getUrlParser: function (url) {
 			var parser = document.createElement('a');
 			parser.href = url;
 			return parser;
 		},
 
+		/**
+		 * Gets the hostname/origin from a URL. Used for origin checks
+		 *
+		 * @param {string} url
+		 * @returns the hostname/origin of the URL
+		 */
 		getHostnameFromUrl: function (url) {
-      return internal.getUrlParser(url).hostname;
+			return internal.getUrlParser(url).hostname;
 		},
 
+		/**
+		 * Compares the origins from both arguments to validate we have received a postMessage
+		 * from the expected source
+		 *
+		 * @param {string} origin The origin attached to the recieved message
+		 * @param {string} hppUrl Our expected source origin
+		 * @returns true if the origins match
+		 */
 		isMessageFromHpp: function (origin, hppUrl) {
 			return internal.getHostnameFromUrl(origin) === internal.getHostnameFromUrl(hppUrl);
 		},
 
+		/**
+		 * Handles messages from the HPP
+		 *
+		 * Messages from the HPP are one of:
+		 *
+		 * - iframe resize event
+		 * - transaction response
+		 * - error information
+		 *
+		 * @param {MessageEvent} e
+		 */
 		receiveMessage: function (e) {
 			//Check the origin of the response comes from HPP
 			if (!internal.isMessageFromHpp(e.event.origin, hppUrl)) {
 				return;
 			}
+
+			if (!e.event.data) {
+				return;
+			}
+
+			var evtdata = internal.decodeAnswer(e.event.data);
+
+			// we received an invalid message from the HPP iframe (e.g. from a browser plugin)
+			// return early to prevent invalid processing
+			if (evtdata === null) {
+				return;
+			}
+
 			// check for iframe resize values
-			var evtdata;
-			if (e.event.data && (evtdata=internal.decodeAnswer(e.event.data)).iframe) {
+			if (evtdata.iframe) {
 				if (!isMobileNewTab()) {
 					var iframeWidth = evtdata.iframe.width;
 					var iframeHeight = evtdata.iframe.height;
@@ -514,9 +657,8 @@ var RealexHpp = (function () {
 				};
 				var response = e.event.data;
 				//allow the script to intercept the answer, instead of redirecting to another page. (which is really a 90s thing)
-				if(typeof e.url==='function'){
-					var answer=internal.decodeAnswer(response);
-					e.url(answer,_close);
+				if (typeof e.url === 'function'){
+					e.url(evtdata, _close);
 					return;
 				}
 				_close();
@@ -531,7 +673,9 @@ var RealexHpp = (function () {
 		}
 	};
 
-	// Initialising some variables used throughout this file.
+	/**
+	 * Public interface for the lightbox display mode
+	 */
 	var RxpLightbox = (function () {
 		var instance;
 
@@ -610,7 +754,9 @@ var RealexHpp = (function () {
 		};
 	})();
 
-	// Initialising some variables used throughout this file.
+	/**
+	 * Public interface for the embedded display mode
+	 */
 	var RxpEmbedded = (function () {
 		var instance;
 
@@ -689,6 +835,9 @@ var RealexHpp = (function () {
 		};
 	})();
 
+	/**
+	 * Public interface for the redirect display mode
+	 */
 	var RxpRedirect = (function () {
 		var instance;
 
@@ -755,7 +904,9 @@ var RealexHpp = (function () {
 		};
 	}());
 
-	// RealexHpp
+	/**
+	 * Public interface for the Realex HPP library
+	 */
 	return {
 		init: RxpLightbox.init,
 		lightbox: {
diff --git a/dist/rxp-js.min.js b/dist/rxp-js.min.js
index 56ad758..f08dd15 100644
--- a/dist/rxp-js.min.js
+++ b/dist/rxp-js.min.js
@@ -1,7 +1,7 @@
-/*! rxp-js - v1.5.0 - 2021-07-27
+/*! rxp-js - v1.5.1 - 2021-09-07
  * The official Realex Payments JS Library
  * https://github.com/realexpayments/rxp-js
  * Licensed MIT
  */
 
-Element.prototype.remove=function(){this.parentElement.removeChild(this)},NodeList.prototype.remove=HTMLCollection.prototype.remove=function(){for(var e=this.length-1;e>=0;e--)this[e]&&this[e].parentElement&&this[e].parentElement.removeChild(this[e])};var RealexHpp=function(){"use strict";var e,t,n="https://pay.realexpayments.com/pay",A=A||Math.random().toString(16).substr(2,8),i=360,o=/Windows Phone|IEMobile/.test(navigator.userAgent),r=/Android|iPad|iPhone|iPod/.test(navigator.userAgent),a=function(){return(window.innerWidth>0?window.innerWidth:screen.width)<=i||(window.innerHeight>0?window.innerHeight:screen.Height)<=i},d=o,s=function(){return!o&&(r||a())},c={evtMsg:[],addEvtMsgListener:function(e){this.evtMsg.push({fct:e,opt:!1}),window.addEventListener?window.addEventListener("message",e,!1):window.attachEvent("message",e)},removeOldEvtMsgListener:function(){if(this.evtMsg.length>0){var e=this.evtMsg.pop();window.addEventListener?window.removeEventListener("message",e.fct,e.opt):window.detachEvent("message",e.fct)}},base64:{encode:function(e){var t="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";e=escape(e);var n,A,i,o,r,a="",d="",s="",c=0;do{i=(n=e.charCodeAt(c++))>>2,o=(3&n)<<4|(A=e.charCodeAt(c++))>>4,r=(15&A)<<2|(d=e.charCodeAt(c++))>>6,s=63&d,isNaN(A)?r=s=64:isNaN(d)&&(s=64),a=a+t.charAt(i)+t.charAt(o)+t.charAt(r)+t.charAt(s),n=A=d="",i=o=r=s=""}while(c<e.length);return a},decode:function(e){if(void 0===e)return e;var t,n,A,i,o="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=",r="",a="",d="",s=0;if(/[^A-Za-z0-9\+\/\=]/g.exec(e))throw new Error("There were invalid base64 characters in the input text.\nValid base64 characters are A-Z, a-z, 0-9, '+', '/',and '='\nExpect errors in decoding.");e=e.replace(/[^A-Za-z0-9\+\/\=]/g,"");do{t=o.indexOf(e.charAt(s++))<<2|(A=o.indexOf(e.charAt(s++)))>>4,n=(15&A)<<4|(i=o.indexOf(e.charAt(s++)))>>2,a=(3&i)<<6|(d=o.indexOf(e.charAt(s++))),r+=String.fromCharCode(t),64!==i&&(r+=String.fromCharCode(n)),64!==d&&(r+=String.fromCharCode(a)),t=n=a="",A=i=d=""}while(s<e.length);return unescape(r)}},decodeAnswer:function(e){var t;try{t=JSON.parse(e)}catch(n){t={error:!0,message:e}}try{for(var n in t)t[n]&&(t[n]=c.base64.decode(t[n]))}catch(e){}return t},createFormHiddenInput:function(e,t){var n=document.createElement("input");return n.setAttribute("type","hidden"),n.setAttribute("name",e),n.setAttribute("value",t),n},checkDevicesOrientation:function(){return 90===window.orientation||-90===window.orientation},createOverlay:function(){var e=document.createElement("div");return e.setAttribute("id","rxp-overlay-"+A),e.style.position="fixed",e.style.width="100%",e.style.height="100%",e.style.top="0",e.style.left="0",e.style.transition="all 0.3s ease-in-out",e.style.zIndex="100",d&&(e.style.position="absolute !important",e.style.WebkitOverflowScrolling="touch",e.style.overflowX="hidden",e.style.overflowY="scroll"),document.body.appendChild(e),setTimeout(function(){e.style.background="rgba(0, 0, 0, 0.7)"},1),e},closeModal:function(e,t,n,A){e&&e.parentNode&&e.parentNode.removeChild(e),t&&t.parentNode&&t.parentNode.removeChild(t),n&&n.parentNode&&n.parentNode.removeChild(n),A&&(A.className="",setTimeout(function(){A.parentNode&&A.parentNode.removeChild(A)},300))},createCloseButton:function(e){if(null===document.getElementById("rxp-frame-close-"+A)){var t=document.createElement("img");return t.setAttribute("id","rxp-frame-close-"+A),t.setAttribute("src","data:image/gif;base64,iVBORw0KGgoAAAANSUhEUgAAABEAAAARCAYAAAA7bUf6AAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAyJpVFh0WE1MOmNvbS5hZG9iZS54bXAAAAAAADw/eHBhY2tldCBiZWdpbj0i77u/IiBpZD0iVzVNME1wQ2VoaUh6cmVTek5UY3prYzlkIj8+IDx4OnhtcG1ldGEgeG1sbnM6eD0iYWRvYmU6bnM6bWV0YS8iIHg6eG1wdGs9IkFkb2JlIFhNUCBDb3JlIDUuMy1jMDExIDY2LjE0NTY2MSwgMjAxMi8wMi8wNi0xNDo1NjoyNyAgICAgICAgIj4gPHJkZjpSREYgeG1sbnM6cmRmPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5LzAyLzIyLXJkZi1zeW50YXgtbnMjIj4gPHJkZjpEZXNjcmlwdGlvbiByZGY6YWJvdXQ9IiIgeG1sbnM6eG1wPSJodHRwOi8vbnMuYWRvYmUuY29tL3hhcC8xLjAvIiB4bWxuczp4bXBNTT0iaHR0cDovL25zLmFkb2JlLmNvbS94YXAvMS4wL21tLyIgeG1sbnM6c3RSZWY9Imh0dHA6Ly9ucy5hZG9iZS5jb20veGFwLzEuMC9zVHlwZS9SZXNvdXJjZVJlZiMiIHhtcDpDcmVhdG9yVG9vbD0iQWRvYmUgUGhvdG9zaG9wIENTNiAoV2luZG93cykiIHhtcE1NOkluc3RhbmNlSUQ9InhtcC5paWQ6QUJFRjU1MEIzMUQ3MTFFNThGQjNERjg2NEZCRjFDOTUiIHhtcE1NOkRvY3VtZW50SUQ9InhtcC5kaWQ6QUJFRjU1MEMzMUQ3MTFFNThGQjNERjg2NEZCRjFDOTUiPiA8eG1wTU06RGVyaXZlZEZyb20gc3RSZWY6aW5zdGFuY2VJRD0ieG1wLmlpZDpBQkVGNTUwOTMxRDcxMUU1OEZCM0RGODY0RkJGMUM5NSIgc3RSZWY6ZG9jdW1lbnRJRD0ieG1wLmRpZDpBQkVGNTUwQTMxRDcxMUU1OEZCM0RGODY0RkJGMUM5NSIvPiA8L3JkZjpEZXNjcmlwdGlvbj4gPC9yZGY6UkRGPiA8L3g6eG1wbWV0YT4gPD94cGFja2V0IGVuZD0iciI/PlHco5QAAAHpSURBVHjafFRdTsJAEF42JaTKn4glGIg++qgX4AAchHAJkiZcwnAQD8AF4NFHCaC2VgWkIQQsfl/jNJUik8Duzs/XmW9mN7Xb7VRc5vP5zWKxaK5Wq8Zmu72FqobfJG0YQ9M0+/l8/qFQKDzGY1JxENd1288vLy1s786KRZXJZCLber1Wn7MZt4PLarVnWdZ9AmQ8Hncc17UvymVdBMB/MgPQm+cFFcuy6/V6lzqDf57ntWGwYdBIVx0TfkBD6I9M35iRJgfIoAVjBLDZbA4CiJ5+9AdQi/EahibqDTkQx6fRSIHcPwA8Uy9A9Gcc47Xv+w2wzhRDYzqdVihLIbsIiCvP1NNOoX/29FQx3vgOgtt4FyRdCgPRarX4+goB9vkyAMh443cOEsIAAcjncuoI4TXWMAmCIGFhCQLAdZ8jym/cRJ+Y5nC5XCYAhINKpZLgSISZgoqh5iiLQrojAFICVwGS7tCfe5DbZzkP56XS4NVxwvTI/vXVVYIDnqmnnX70ZxzjNS8THHooK5hMpxHQIREA+tEfA9djfHR3MHkdx3Hspe9r3B+VzWaj2RESyR2mlCUE4MoGQDdxiwHURq2t94+PO9bMIYyTyDNLwMoM7g8+BfKeYGniyw2MdfSehF3Qmk1IvCc/AgwAaS86Etp38bUAAAAASUVORK5CYII="),t.setAttribute("style","transition: all 0.5s ease-in-out; opacity: 0; float: left; position: absolute; left: 50%; margin-left: 173px; z-index: 99999999; top: 30px;"),setTimeout(function(){t.style.opacity="1"},500),d&&(t.style.position="absolute",t.style.float="right",t.style.top="20px",t.style.left="initial",t.style.marginLeft="0px",t.style.right="20px"),t}},createForm:function(e,A,i){var o=document.createElement("form");o.setAttribute("method","POST"),o.setAttribute("action",n);var r=!1;for(var a in A)"HPP_VERSION"===a&&(r=!0),o.appendChild(c.createFormHiddenInput(a,A[a]));if(!1===r&&o.appendChild(c.createFormHiddenInput("HPP_VERSION","2")),i)o.appendChild(c.createFormHiddenInput("MERCHANT_RESPONSE_URL",t));else{var d=c.getUrlParser(window.location.href),s=d.protocol+"//"+d.host;o.appendChild(c.createFormHiddenInput("HPP_POST_RESPONSE",s)),o.appendChild(c.createFormHiddenInput("HPP_POST_DIMENSIONS",s))}return o},createSpinner:function(){var e=document.createElement("img");return e.setAttribute("src","data:image/gif;base64,R0lGODlhHAAcAPYAAP////OQHv338fzw4frfwPjIkPzx4/nVq/jKlfe7dv337/vo0fvn0Pzy5/WrVv38+vjDhva2bfzq1fe/f/vkyve8d/WoT/nRpP327ve9e/zs2vrWrPWqVPWtWfvmzve5cvazZvrdvPjKlPfAgPnOnPvp0/zx5fawYfe+ff317PnTp/nMmfvgwvfBgv39/PrXsPSeO/vjx/jJkvzz6PnNm/vkyfnUqfjLl/revvnQoPSfPfSgP/348/nPnvratfrYsvWlSvSbNPrZs/vhw/zv4P306vrXrvzq1/359f369vjHjvSjRvOXLfORIfOQHvjDh/rduvSaM/jEifvlzPzu3v37+Pvixfzr2Pzt3Pa1afa3b/nQovnSpfaxYvjFi/rbt/rcufWsWPjGjfSjRPShQfjChPOUJva0aPa2a/awX/e6dPWnTfWkSPScNve4cPWpUfSdOvOSI/OVKPayZPe9efauW/WpUvOYL/SiQ/OZMfScOPOTJfavXfWmSwAAAAAAACH/C05FVFNDQVBFMi4wAwEAAAAh/hpDcmVhdGVkIHdpdGggYWpheGxvYWQuaW5mbwAh+QQJCgAAACwAAAAAHAAcAAAH/4AAgoOEhYaHiIUKKYmNh0ofjoklL4RLUQ+DVZmSAAswOYIKTE1UglUCVZ0AGBYwPwBHTU44AFU8PKuCEzpARB5OTjYAPEi5jQYNgzE7QS1ET1JTD7iqgi6chAcOFRsmABUQBoQuSAIALjwpMwqHCBYcJyrHhulF9xiJFx0WMo0Y99o18oBCWSIXKZI0eoBhkaQHEA0JIIAAQoYPKiSlwIKFyIAUnAYUSBAhAogVkmZc0aChIz0ACiQQCLFAEhIMKXhkO8RiRqMqBnYe0iAigwoXiah4KMEI0QIII1rQyHeoypUFWH0aWjABAgkPLigIKUIIiQQNrDQs8EC2EAMKBlIV9EBgRAHWFEes1DiWpIjWRDVurCCCBAqUGUhqxEC7yoUNBENg4sChbICVaasw3PCBNAkLHAI1DBEoyQSObDGGZMPyV5egElNcNxJAVbZtQoEAACH5BAkKAAAALAAAAAAcABwAAAf/gACCg4SFhoeIhUVFiY2HYlKOiUdDgw9hDg+DPjWSgh4WX4JYY2MagipOBJ4AGF0OnTVkZDEAX05mDawAXg5dGCxBQQRFTE5djkQYgwxhFghYSjIDZU6qgy6ahS8RSj6MEyImhAoFHYJJPAJIhz1ZERVfCi6HVelISDyJNloRCI08ArJrdEQKEUcKtCF6oEDBDEkPIhoSwEKFDCktDkhyuAgDD3oADOR40qIFCi4bZywqkqIKISRYKAwpIalKwCQgD7kYMi6RC0aOsGxB8KLRDA1YBCQqsaLpBqU6DSDVsMzQFRkkXhwBcIUBVHREDmIYgOWKAkMMSpwFwINAiCkCTI5cEaCBwYKBVTAAnYQjBAYFVqx4XLBgwK6dIa4AUFCjxjIDDCTkdIQBzAJBPBrrA0DFw2ZJM2gKcjGFgsIBa3cNOrJVdaKArmMbCgQAIfkECQoAAAAsAAAAABwAHAAAB/+AAIKDhIWGh4iFRSmJjYckK46JEjWECWqEQgSSghJnIYIzaSdFghdRQ5wAPBlalRIdHUcALzBrGKoAPVoJPBQWa1MNbDsJjgOMggtaaDkaCDREKG06OIMDHoYhEzRgpTQiWIQmCJhUEGxOT4dGEy1SYMmGLgVmTk5uiWBlLTQuiSTutXBERcSVRi5OWEtUBUMKE6r+FeJR48cFEjdeSEoigIfHJBIb/MixYgWCDZKQeFz5gFAVE0cWHHRUJUmSKhIRHSnVCENORCZYhJjys5CAGUWQJCISAsdQHolSLCoC1ZABMASmGACApYQCQg+kAkCCocgMpYWIGEBLMQYDBVRMiPAwoUFDEkEPPDrCUiOGAAUePCioogFLg1wuPMSgAkDAggUCAMzQwFiVgCEzkzy+C6DBFbSSiogbJEECoQZfcxEiUlk1IpWuYxsKBAAh+QQJCgAAACwAAAAAHAAcAAAH/4AAgoOEhYaHiIUzDYmNhxckjolXVoQQIy6DX5WSAFQZIYIKFQlFgjZrU50ASUojMZ4fblcAUBxdCqsALy1PKRpoZ0czJ2FKjgYpmQBEZSNbAys5DUpvDh6CVVdDy4M1IiohMwBcKwOEGFwQABIjYW3HhiwIKzQEM0mISmQ7cCOJU2is4PIgUQ44OxA4wrDhSKMqKEo0QpJCQZFuiIqwmGKiUJIrMQjgCFFDUggnTuKQKWNAEA8GLHCMLOkIB0oncuZgIfTAYooUkky8CLEASaIqwxzlczSjRgwGE3nwWHqISAynEowiEsADSddDBoZQOAKUigYehQQAreJVgFZCM1JSVBGEZMGCK1UapEiCoUiRpS6qzG00wO5UDVd4PPCba5ULCQw68tBwFoAAvxgbCfBARNADLFgGK8C3CsO5QUSoEFLwVpcgEy1dJ0LSWrZtQYEAACH5BAkKAAAALAAAAAAcABwAAAf/gACCg4SFhoeIhRgziY2HQgeOiUQ1hDcyLoNgFJKCJiIEggpSEIwALyALnQBVFzdTAANlZVcAQxEVCqsABCs0ClgTKCUCFVo9jg0pVYIpNDc/VBcqRFtZWrUASAtDhlhgLCUpAFAq2Z4XJAAaK2drW4dHITg4CwrMhg8IHQ52CIlUCISw8iARlzd1IjVCwsBEowciBjRKogDDOEdEQsSgUnAQEg0MasSwwkCSiig7loRBcURQEg0eatQgKekASjwcMpQohCRFkYuNDHwhcCVJoipYMDhSosHRjAULWib64STOjUQGGEDVgO8QHSdgMxxq4KEEFQEAZhjo6JEHAAZqUu44EWNIgQB8LzWYqKJAQRIegDsqiPElGRauSWbMQOKCBxK3q1xQ0VCEVZEiSAD85ZGpE5IrDgE8uIwPyd1VAkw1q+yx6y5RSl8nesBWtu1BgQAAIfkECQoAAAAsAAAAABwAHAAAB/+AAIKDhIWGh4iFGEWJjYcEX46JDUeEG1sPgwQlkoIYUAuCPD00M4JfGVedAC5DIRoAMzQrWAA1I14CqwBHODg8JggiVwpPLQeORSlVor4UJj8/RDYTZUSCAiUxLoUGQxRHGABXMSaEA1wqABoXdCAvh0QxNTUlPNyGSDluWhHqiCYoxPCQCRGXLGrAOEoiwVQiJBdSNEKiAIM4R1SGTCFSUFASKhIWLGCgypGKNWHqoJECC0CSAUdEMmjZaMOaDmncILhGKIkABbocmfAgoUGjByaQOGrBwFEKLBrMJbIBh4yMSRqgmsB3CAKZHXAyHCpyBUtSABa5sjoAAoAECG9QgngxJAAJvgdF8lbhwQOAEidOYghSMCVEx0MK8j7Ye4+IHCdzdgHIq+sBX2YHnJhxKCnJjIsuBPAo+BfKqiQKCPEllCOS5EFIlL5OpHa27UAAIfkECQoAAAAsAAAAABwAHAAAB/+AAIKDhIWGh4iFPBiJjYdXDI6JAlSENUMugx4akoJIVpwAVQQ4AoI1Mgadgh5WRAAKOCENAEc3PTyrABo1NQICIVAzPD00Qo4YCg+evR4YFBRFQjcrA4JJWAuGMx4lVAoAV1O0g1QbPgADP0oZYIcmDAsLGjyZhikqZS0Tx4gz8hLsGXJxYQQEAo6SaDCVCMMFE40e8ECSRJKBI0eKCASQxAQRLBo0WHPE5YwbNS1oVOLoEeQViI6MmEwwgsYrQhIpSiqi4UqKjYUeYAAaVMkRRzyKFGGU6IedDjYSKSiSgirRQTLChLGD4JCAGUsrTixU5QCdWivOrNliiKI9iRNNZ3wBY0KKHh1DPJVggRRJrhhOnBgxwIYMGl0AeIw9EjgEACMw2JCT5EKxIAxynFwRhCBKjFUSCQHJs0xQjy+ICbXoUuhqJyIlUss2FAgAIfkECQoAAAAsAAAAABwAHAAAB/+AAIKDhIWGh4iFVQKJjYdEDI6JPESECzVVg0RUkoJVHliCLlMxCoJUYAadglcMAwBJFDFFAA0hBEirACYLCwpJMVYNDyw4U44CPA+CSb0SPAsMKUdQIaqwDVguhQpXWAOmJhIYhBhTx0UhWyIEhykaWBoGSYgKUCQrCCGJCvHXhy583FhRw1GVBvQSpRAyo1GVJFUyORpw5IqBXINcYCjCsUgKST9QlCkjhss1jR1nfHT0BQUEKQUOmCjk4gFESSkGmEixDJELZY14iDjiKAkPJDwa+UDjZkMipEgZIUqyIYGWLDR6EkqSjEcmJTeSDuLxY8QuLi2ybDFUReuAPU5W+KTgkkOCCgsc9gF4wEvrISlOnLAgAiePCgFnHKDQBQCIkycADADR4QPAFAd8Gqwy4ESLIAF2dlAQ5KMPlFULpBACgUezIChfGBOiAUJ2oiJXbOsmFAgAIfkECQoAAAAsAAAAABwAHAAAB/+AAIKDhIWGh4iFDzyJjYcNEo6JSAaEGgtJgyZEkoIPGgODEgwKggZDJp2CAxoNAA8lDEUAKTE1jKopWBoKDwsMMw9TNQuOSUkuglVYWERJWFe6VjGuAFUKJsmESDNFKUgAGAaZgwKxAAILLFDFhjzeRUVViEgSBDghDJPxKY0LISGuOHKBYd4kD6USPVj4QJIJKkQakBvEo2JFAZJCiFhBI4eQVIKQWKwoCQcCGj0ufJlRyEXDTkVmzOiViIgblokU0IjU6EUeJy0a/ZjQQshLQ1ucKE2Dy5ACMFJaTLhgkNAXJ3m6DAFwwwtOQQpeeAnnA8EEG4Y8MMBlgA2cEylSVORY8OVMhBCDihw5emiFDh1gFITp8+LBCC1jVQE40+YJAAUgOOA94sZNqE4mYKiZVyWCA30ArJzB20mClKMtOnylAEVxIR8VXDfiQUW2bUOBAAAh+QQJCgAAACwAAAAAHAAcAAAH/4AAgoOEhYaHiIUuAomNhwpUjokPKYQGGkmDKSaSgi4zlYJUGowAMx4NnYIYRZVVWFiVCgsLPKoAAkVFSA8aGhgAJQtHjg9VLp6tM0kNJjwGDAupAC48RciEVQI8PJkCKdiCrxIASRpTVuSGSTxIPAJViElYNTUxJYna7o1HMTEakqo8aMTDg4JGM6aAYSApRYoiAsIBwABhzB4nTiZIkgAFB44hDGYIUgCBjRyMGh1x9GglZCEMC4ZckYRBQRFbiTDQAZgohQ0ijkKs0TOiEZQbKwhIJLRBxw4dXaYZwmClx4obP5YCINCGTZYQAIx4CTVyg4xqLLggEGLIA4VpCldAcNDS4AIJBkNQtGAhiBKRgYmMOHDAQoGWM2AAyCiz4haAEW+8TKygBSyWMmUMqOJRpwWyBy0iUBDkIQPfTiZIxBNEA41mQRIIOCYUo8zsRDx43t4tKBAAIfkECQoAAAAsAAAAABwAHAAAB/+AAIKDhIWGh4iGSYmMh0gzjYkuPIQYRQ+DPA2RgwKUgilFSIICV5ucAEhIn6ECqVgarqhJPDyLRUUKAFRYVI1HMZAALgJIAg8KGDwKGlinAEkKLoU1Tnt1BABVAtOEKb4PBhIMR4c+cU5OaymILiYlCwtHmIcxQU4fjAYMDFjdiApQSGBU5QgGRjOmEFgQCUMKZf8AKLgBAgiZNvkaURkSo8aUI+wAYJDSYcyONloibexIoYQwQS6oEPgxpOGMXPQOPdjCMFESCgcZHdFiYUROQ0dChCgRkRCFOg4cRMCCiIcGAjhCUDgq6AiHDhWyxShAhJACKFweJJHAAgoFQ1dfrAwQlKRMhAwpfnCZMkXEihqCHmAwUIXRkAgRoLiQgsIHABsrVDRl1OPMDQAPZIzAAcAEjRVzOT2gI+XTjREMBF0RUZMThhyyAGyYYGCQhtaoCJVQMjk3ISQafAtHFAgAIfkECQoAAAAsAAAAABwAHAAAB/+AAIKDhIWGh4iGD4mMh1UCjYkNXlWDSQKVgo+Rgkl3HZkCSEmdMwqcgnNOWoI8SDwAD0VFSKgAP05ONgACPLApKUUujAsesABIek46CkmuAjNFp4IPPIuEQ3p2dDgAJBEmhdAuLikDGljDhTY6OjtZM4guAlRYWFSZhmB9cF3Xhxg0aBjw75ABNVYaGcDACEkDA+EaVUmSJJ8gF2AmgDgRBkWkGQwWlJBA5ViSG3PqOHiTIFIDDwtESkhBqAqRKTgoROJRJAUmRlA8MHoggSEjA16yQKiFiEqMGFgSXaETQcsEKoiSYIlRI0YJdYRMuIkgxYcLCSs0gEVyxcq8K1NhhpQwxCDEgEE3WrQggsPHFCpQcGCNlYKIRUNXyrTA4aIHAigArOAYUrDRhgk0yF1YQQBAChwhGqB6IEbJNCMIpggaAOYKKgwXjAJggSAiAANHbBW6kgMsAN+6q7jWTfxQIAA7AAAAAAAAAAAA"),e.setAttribute("id","rxp-loader-"+A),e.style.left="50%",e.style.position="fixed",e.style.background="#FFFFFF",e.style.borderRadius="50%",e.style.width="30px",e.style.zIndex="200",e.style.marginLeft="-15px",e.style.top="120px",e},createIFrame:function(e,t){var n=c.createSpinner();document.body.appendChild(n);var i=document.createElement("iframe");if(i.setAttribute("name","rxp-frame-"+A),i.setAttribute("id","rxp-frame-"+A),i.setAttribute("height","562px"),i.setAttribute("frameBorder","0"),i.setAttribute("width","360px"),i.setAttribute("seamless","seamless"),i.style.zIndex="10001",i.style.position="absolute",i.style.transition="transform 0.5s ease-in-out",i.style.transform="scale(0.7)",i.style.opacity="0",e.appendChild(i),d){i.style.top="0px",i.style.bottom="0px",i.style.left="0px",i.style.marginLeft="0px;",i.style.width="100%",i.style.height="100%",i.style.minHeight="100%",i.style.WebkitTransform="translate3d(0,0,0)",i.style.transform="translate3d(0, 0, 0)";var o=document.createElement("meta");o.name="viewport",o.content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=0",document.getElementsByTagName("head")[0].appendChild(o)}else i.style.top="40px",i.style.left="50%",i.style.marginLeft="-180px";var r;i.onload=function(){i.style.opacity="1",i.style.transform="scale(1)",i.style.backgroundColor="#ffffff",n&&n.parentNode&&n.parentNode.removeChild(n),r=c.createCloseButton(),e&&r&&(e.appendChild(r),r.addEventListener("click",function(){c.closeModal(r,i,n,e)},!0))};var a=c.createForm(document,t);return i.contentWindow.document.body?i.contentWindow.document.body.appendChild(a):i.contentWindow.document.appendChild(a),a.submit(),{spinner:n,iFrame:i,closeButton:r}},openWindow:function(e){var t=window.open();if(!t)return null;var n=t.document,A=n.createElement("meta"),i=n.createAttribute("name");i.value="viewport",A.setAttributeNode(i);var o=n.createAttribute("content");o.value="width=device-width",A.setAttributeNode(o),n.head.appendChild(A);var r=c.createForm(n,e);return n.body.appendChild(r),r.submit(),t},getUrlParser:function(e){var t=document.createElement("a");return t.href=e,t},getHostnameFromUrl:function(e){return c.getUrlParser(e).hostname},isMessageFromHpp:function(e,t){return c.getHostnameFromUrl(e)===c.getHostnameFromUrl(t)},receiveMessage:function(t){if(c.isMessageFromHpp(t.event.origin,n)){var i;if(t.event.data&&(i=c.decodeAnswer(t.event.data)).iframe){if(!s()){var o,r=i.iframe.width,a=i.iframe.height,l=!1;if(o=t.embedded?t.instance.getIframe():document.getElementById("rxp-frame-"+A),t.instance.events&&t.instance.events.onResize&&t.instance.events.onResize(i.iframe),"390px"===r&&"440px"===a&&(o.setAttribute("width",r),o.setAttribute("height",a),l=!0),o.style.backgroundColor="#ffffff",d){if(o.style.marginLeft="0px",o.style.WebkitOverflowScrolling="touch",o.style.overflowX="scroll",o.style.overflowY="scroll",!t.embedded){var g=document.getElementById("rxp-overlay-"+A);g.style.overflowX="scroll",g.style.overflowY="scroll"}}else!t.embedded&&l&&(o.style.marginLeft=parseInt(r.replace("px",""),10)/2*-1+"px");!t.embedded&&l&&setTimeout(function(){document.getElementById("rxp-frame-close-"+A).style.marginLeft=parseInt(r.replace("px",""),10)/2-7+"px"},200)}}else{var u=function(){s()&&e?e.close():t.instance.close();var n=document.getElementById("rxp-overlay-"+A);n&&n.remove()},h=t.event.data;if("function"==typeof t.url){var I=c.decodeAnswer(h);return void t.url(I,u)}u();var m=document.createElement("form");m.setAttribute("method","POST"),m.setAttribute("action",t.url),m.appendChild(c.createFormHiddenInput("hppResponse",h)),document.body.appendChild(m),m.submit()}}}},l=function(){function t(){var t,n,A,i,o,r=c.checkDevicesOrientation();return d&&window.addEventListener&&window.addEventListener("orientationchange",function(){r=c.checkDevicesOrientation()},!1),{lightbox:function(){if(s())e=c.openWindow(o);else{t=c.createOverlay();var r=c.createIFrame(t,o);n=r.spinner,A=r.iFrame,i=r.closeButton}},close:function(){c.closeModal()},setToken:function(e){o=e}}}var n;return{getInstance:function(e){return n||(n=t()),n.setToken(e),n},init:function(e,t,n){var A=l.getInstance(n);"autoload"===e?A.lightbox():document.getElementById(e).addEventListener?document.getElementById(e).addEventListener("click",A.lightbox,!0):document.getElementById(e).attachEvent("onclick",A.lightbox),c.removeOldEvtMsgListener();var i=function(e){return c.receiveMessage({event:e,instance:A,url:t,embedded:!1})};c.evtMsg.push({fct:i,opt:!1}),c.addEvtMsgListener(i)}}}(),g=function(){function e(){var e,t;return{embedded:function(){var n=c.createForm(document,t);e&&(e.contentWindow.document.body?e.contentWindow.document.body.appendChild(n):e.contentWindow.document.appendChild(n),n.submit(),e.style.display="inherit")},close:function(){e.style.display="none"},setToken:function(e){t=e},setIframe:function(t){e=document.getElementById(t)},getIframe:function(){return e}}}var t;return{getInstance:function(n){return t||(t=e()),t.setToken(n),t},init:function(e,t,n,A,i){var o=g.getInstance(A);o.events=i,o.setIframe(t),"autoload"===e?o.embedded():document.getElementById(e).addEventListener?document.getElementById(e).addEventListener("click",o.embedded,!0):document.getElementById(e).attachEvent("onclick",o.embedded),c.removeOldEvtMsgListener();var r=function(e){return c.receiveMessage({event:e,instance:o,url:n,embedded:!0})};c.evtMsg.push({fct:r,opt:!1}),c.addEvtMsgListener(r)}}}(),u=function(){function e(){var e,t=c.checkDevicesOrientation();return d&&window.addEventListener&&window.addEventListener("orientationchange",function(){t=c.checkDevicesOrientation()},!1),{redirect:function(){var t=c.createForm(document,e,!0);document.body.append(t),t.submit()},setToken:function(t){e=t}}}var n;return{getInstance:function(t){return n||(n=e()),n.setToken(t),n},init:function(e,n,A){var i=u.getInstance(A);t=n,document.getElementById(e).addEventListener?document.getElementById(e).addEventListener("click",i.redirect,!0):document.getElementById(e).attachEvent("onclick",i.redirect),c.removeOldEvtMsgListener();var o=function(e){return c.receiveMessage({event:e,instance:i,url:n,embedded:!1})};c.evtMsg.push({fct:o,opt:!1}),c.addEvtMsgListener(o)}}}();return{init:l.init,lightbox:{init:l.init},embedded:{init:g.init},redirect:{init:u.init},setHppUrl:function(e){n=e},setMobileXSLowerBound:function(e){i=e},_internal:c}}(),RealexRemote=function(){"use strict";var e=function(e){if(!/^\d{4}$/.test(e))return!1;var t=parseInt(e.substring(0,2),10);parseInt(e.substring(2,4),10);return!(t<1||t>12)};return{validateCardNumber:function(e){if(!/^\d{12,19}$/.test(e))return!1;for(var t=0,n=0,A=0,i=!1,o=e.length-1;o>=0;o--)n=parseInt(e.substring(o,o+1),10),i?(A=2*n)>9&&(A-=9):A=n,t+=A,i=!i;return 0==t%10},validateCardHolderName:function(e){return!!e&&!!e.trim()&&!!/^[\u0020-\u007E\u00A0-\u00FF]{1,100}$/.test(e)},validateCvn:function(e){return!!/^\d{3}$/.test(e)},validateAmexCvn:function(e){return!!/^\d{4}$/.test(e)},validateExpiryDateFormat:e,validateExpiryDateNotInPast:function(t){if(!e(t))return!1;var n=parseInt(t.substring(0,2),10),A=parseInt(t.substring(2,4),10),i=new Date,o=i.getMonth()+1,r=i.getFullYear();return!(A<r%100||A===r%100&&n<o)}}}();
\ No newline at end of file
+Element.prototype.remove=function(){this.parentElement.removeChild(this)},NodeList.prototype.remove=HTMLCollection.prototype.remove=function(){for(var e=this.length-1;e>=0;e--)this[e]&&this[e].parentElement&&this[e].parentElement.removeChild(this[e])};var RealexHpp=function(){"use strict";var e,t,n="https://pay.realexpayments.com/pay",A=A||Math.random().toString(16).substr(2,8),i=360,o=/Windows Phone|IEMobile/.test(navigator.userAgent),r=/Android|iPad|iPhone|iPod/.test(navigator.userAgent),a=function(){return(window.innerWidth>0?window.innerWidth:screen.width)<=i||(window.innerHeight>0?window.innerHeight:screen.Height)<=i},d=o,s=function(){return!o&&(r||a())},c={evtMsg:[],addEvtMsgListener:function(e){this.evtMsg.push({fct:e,opt:!1}),window.addEventListener?window.addEventListener("message",e,!1):window.attachEvent("message",e)},removeOldEvtMsgListener:function(){if(this.evtMsg.length>0){var e=this.evtMsg.pop();window.addEventListener?window.removeEventListener("message",e.fct,e.opt):window.detachEvent("message",e.fct)}},base64:{encode:function(e){var t="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";e=escape(e);var n,A,i,o,r,a="",d="",s="",c=0;do{i=(n=e.charCodeAt(c++))>>2,o=(3&n)<<4|(A=e.charCodeAt(c++))>>4,r=(15&A)<<2|(d=e.charCodeAt(c++))>>6,s=63&d,isNaN(A)?r=s=64:isNaN(d)&&(s=64),a=a+t.charAt(i)+t.charAt(o)+t.charAt(r)+t.charAt(s),n=A=d="",i=o=r=s=""}while(c<e.length);return a},decode:function(e){if(void 0===e)return e;var t,n,A,i,o="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=",r="",a="",d="",s=0;if(/[^A-Za-z0-9\+\/\=]/g.exec(e))throw new Error("There were invalid base64 characters in the input text.\nValid base64 characters are A-Z, a-z, 0-9, '+', '/',and '='\nExpect errors in decoding.");e=e.replace(/[^A-Za-z0-9\+\/\=]/g,"");do{t=o.indexOf(e.charAt(s++))<<2|(A=o.indexOf(e.charAt(s++)))>>4,n=(15&A)<<4|(i=o.indexOf(e.charAt(s++)))>>2,a=(3&i)<<6|(d=o.indexOf(e.charAt(s++))),r+=String.fromCharCode(t),64!==i&&(r+=String.fromCharCode(n)),64!==d&&(r+=String.fromCharCode(a)),t=n=a="",A=i=d=""}while(s<e.length);return unescape(r)}},decodeAnswer:function(e){var t;if("string"!=typeof e)return null;try{t=JSON.parse(e)}catch(n){t={error:!0,message:e}}try{for(var n in t)t[n]&&(t[n]=c.base64.decode(t[n]))}catch(e){}return t},createFormHiddenInput:function(e,t){var n=document.createElement("input");return n.setAttribute("type","hidden"),n.setAttribute("name",e),n.setAttribute("value",t),n},checkDevicesOrientation:function(){return 90===window.orientation||-90===window.orientation},createOverlay:function(){var e=document.createElement("div");return e.setAttribute("id","rxp-overlay-"+A),e.style.position="fixed",e.style.width="100%",e.style.height="100%",e.style.top="0",e.style.left="0",e.style.transition="all 0.3s ease-in-out",e.style.zIndex="100",d&&(e.style.position="absolute !important",e.style.WebkitOverflowScrolling="touch",e.style.overflowX="hidden",e.style.overflowY="scroll"),document.body.appendChild(e),setTimeout(function(){e.style.background="rgba(0, 0, 0, 0.7)"},1),e},closeModal:function(e,t,n,A){e&&e.parentNode&&e.parentNode.removeChild(e),t&&t.parentNode&&t.parentNode.removeChild(t),n&&n.parentNode&&n.parentNode.removeChild(n),A&&(A.className="",setTimeout(function(){A.parentNode&&A.parentNode.removeChild(A)},300))},createCloseButton:function(e){if(null===document.getElementById("rxp-frame-close-"+A)){var t=document.createElement("img");return t.setAttribute("id","rxp-frame-close-"+A),t.setAttribute("src","data:image/gif;base64,iVBORw0KGgoAAAANSUhEUgAAABEAAAARCAYAAAA7bUf6AAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAyJpVFh0WE1MOmNvbS5hZG9iZS54bXAAAAAAADw/eHBhY2tldCBiZWdpbj0i77u/IiBpZD0iVzVNME1wQ2VoaUh6cmVTek5UY3prYzlkIj8+IDx4OnhtcG1ldGEgeG1sbnM6eD0iYWRvYmU6bnM6bWV0YS8iIHg6eG1wdGs9IkFkb2JlIFhNUCBDb3JlIDUuMy1jMDExIDY2LjE0NTY2MSwgMjAxMi8wMi8wNi0xNDo1NjoyNyAgICAgICAgIj4gPHJkZjpSREYgeG1sbnM6cmRmPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5LzAyLzIyLXJkZi1zeW50YXgtbnMjIj4gPHJkZjpEZXNjcmlwdGlvbiByZGY6YWJvdXQ9IiIgeG1sbnM6eG1wPSJodHRwOi8vbnMuYWRvYmUuY29tL3hhcC8xLjAvIiB4bWxuczp4bXBNTT0iaHR0cDovL25zLmFkb2JlLmNvbS94YXAvMS4wL21tLyIgeG1sbnM6c3RSZWY9Imh0dHA6Ly9ucy5hZG9iZS5jb20veGFwLzEuMC9zVHlwZS9SZXNvdXJjZVJlZiMiIHhtcDpDcmVhdG9yVG9vbD0iQWRvYmUgUGhvdG9zaG9wIENTNiAoV2luZG93cykiIHhtcE1NOkluc3RhbmNlSUQ9InhtcC5paWQ6QUJFRjU1MEIzMUQ3MTFFNThGQjNERjg2NEZCRjFDOTUiIHhtcE1NOkRvY3VtZW50SUQ9InhtcC5kaWQ6QUJFRjU1MEMzMUQ3MTFFNThGQjNERjg2NEZCRjFDOTUiPiA8eG1wTU06RGVyaXZlZEZyb20gc3RSZWY6aW5zdGFuY2VJRD0ieG1wLmlpZDpBQkVGNTUwOTMxRDcxMUU1OEZCM0RGODY0RkJGMUM5NSIgc3RSZWY6ZG9jdW1lbnRJRD0ieG1wLmRpZDpBQkVGNTUwQTMxRDcxMUU1OEZCM0RGODY0RkJGMUM5NSIvPiA8L3JkZjpEZXNjcmlwdGlvbj4gPC9yZGY6UkRGPiA8L3g6eG1wbWV0YT4gPD94cGFja2V0IGVuZD0iciI/PlHco5QAAAHpSURBVHjafFRdTsJAEF42JaTKn4glGIg++qgX4AAchHAJkiZcwnAQD8AF4NFHCaC2VgWkIQQsfl/jNJUik8Duzs/XmW9mN7Xb7VRc5vP5zWKxaK5Wq8Zmu72FqobfJG0YQ9M0+/l8/qFQKDzGY1JxENd1288vLy1s786KRZXJZCLber1Wn7MZt4PLarVnWdZ9AmQ8Hncc17UvymVdBMB/MgPQm+cFFcuy6/V6lzqDf57ntWGwYdBIVx0TfkBD6I9M35iRJgfIoAVjBLDZbA4CiJ5+9AdQi/EahibqDTkQx6fRSIHcPwA8Uy9A9Gcc47Xv+w2wzhRDYzqdVihLIbsIiCvP1NNOoX/29FQx3vgOgtt4FyRdCgPRarX4+goB9vkyAMh443cOEsIAAcjncuoI4TXWMAmCIGFhCQLAdZ8jym/cRJ+Y5nC5XCYAhINKpZLgSISZgoqh5iiLQrojAFICVwGS7tCfe5DbZzkP56XS4NVxwvTI/vXVVYIDnqmnnX70ZxzjNS8THHooK5hMpxHQIREA+tEfA9djfHR3MHkdx3Hspe9r3B+VzWaj2RESyR2mlCUE4MoGQDdxiwHURq2t94+PO9bMIYyTyDNLwMoM7g8+BfKeYGniyw2MdfSehF3Qmk1IvCc/AgwAaS86Etp38bUAAAAASUVORK5CYII="),t.setAttribute("style","transition: all 0.5s ease-in-out; opacity: 0; float: left; position: absolute; left: 50%; margin-left: 173px; z-index: 99999999; top: 30px;"),setTimeout(function(){t.style.opacity="1"},500),d&&(t.style.position="absolute",t.style.float="right",t.style.top="20px",t.style.left="initial",t.style.marginLeft="0px",t.style.right="20px"),t}},createForm:function(e,A,i){var o=document.createElement("form");o.setAttribute("method","POST"),o.setAttribute("action",n);var r=!1;for(var a in A)"HPP_VERSION"===a&&(r=!0),o.appendChild(c.createFormHiddenInput(a,A[a]));if(!1===r&&o.appendChild(c.createFormHiddenInput("HPP_VERSION","2")),i)o.appendChild(c.createFormHiddenInput("MERCHANT_RESPONSE_URL",t));else{var d=c.getUrlParser(window.location.href),s=d.protocol+"//"+d.host;o.appendChild(c.createFormHiddenInput("HPP_POST_RESPONSE",s)),o.appendChild(c.createFormHiddenInput("HPP_POST_DIMENSIONS",s))}return o},createSpinner:function(){var e=document.createElement("img");return e.setAttribute("src","data:image/gif;base64,R0lGODlhHAAcAPYAAP////OQHv338fzw4frfwPjIkPzx4/nVq/jKlfe7dv337/vo0fvn0Pzy5/WrVv38+vjDhva2bfzq1fe/f/vkyve8d/WoT/nRpP327ve9e/zs2vrWrPWqVPWtWfvmzve5cvazZvrdvPjKlPfAgPnOnPvp0/zx5fawYfe+ff317PnTp/nMmfvgwvfBgv39/PrXsPSeO/vjx/jJkvzz6PnNm/vkyfnUqfjLl/revvnQoPSfPfSgP/348/nPnvratfrYsvWlSvSbNPrZs/vhw/zv4P306vrXrvzq1/359f369vjHjvSjRvOXLfORIfOQHvjDh/rduvSaM/jEifvlzPzu3v37+Pvixfzr2Pzt3Pa1afa3b/nQovnSpfaxYvjFi/rbt/rcufWsWPjGjfSjRPShQfjChPOUJva0aPa2a/awX/e6dPWnTfWkSPScNve4cPWpUfSdOvOSI/OVKPayZPe9efauW/WpUvOYL/SiQ/OZMfScOPOTJfavXfWmSwAAAAAAACH/C05FVFNDQVBFMi4wAwEAAAAh/hpDcmVhdGVkIHdpdGggYWpheGxvYWQuaW5mbwAh+QQJCgAAACwAAAAAHAAcAAAH/4AAgoOEhYaHiIUKKYmNh0ofjoklL4RLUQ+DVZmSAAswOYIKTE1UglUCVZ0AGBYwPwBHTU44AFU8PKuCEzpARB5OTjYAPEi5jQYNgzE7QS1ET1JTD7iqgi6chAcOFRsmABUQBoQuSAIALjwpMwqHCBYcJyrHhulF9xiJFx0WMo0Y99o18oBCWSIXKZI0eoBhkaQHEA0JIIAAQoYPKiSlwIKFyIAUnAYUSBAhAogVkmZc0aChIz0ACiQQCLFAEhIMKXhkO8RiRqMqBnYe0iAigwoXiah4KMEI0QIII1rQyHeoypUFWH0aWjABAgkPLigIKUIIiQQNrDQs8EC2EAMKBlIV9EBgRAHWFEes1DiWpIjWRDVurCCCBAqUGUhqxEC7yoUNBENg4sChbICVaasw3PCBNAkLHAI1DBEoyQSObDGGZMPyV5egElNcNxJAVbZtQoEAACH5BAkKAAAALAAAAAAcABwAAAf/gACCg4SFhoeIhUVFiY2HYlKOiUdDgw9hDg+DPjWSgh4WX4JYY2MagipOBJ4AGF0OnTVkZDEAX05mDawAXg5dGCxBQQRFTE5djkQYgwxhFghYSjIDZU6qgy6ahS8RSj6MEyImhAoFHYJJPAJIhz1ZERVfCi6HVelISDyJNloRCI08ArJrdEQKEUcKtCF6oEDBDEkPIhoSwEKFDCktDkhyuAgDD3oADOR40qIFCi4bZywqkqIKISRYKAwpIalKwCQgD7kYMi6RC0aOsGxB8KLRDA1YBCQqsaLpBqU6DSDVsMzQFRkkXhwBcIUBVHREDmIYgOWKAkMMSpwFwINAiCkCTI5cEaCBwYKBVTAAnYQjBAYFVqx4XLBgwK6dIa4AUFCjxjIDDCTkdIQBzAJBPBrrA0DFw2ZJM2gKcjGFgsIBa3cNOrJVdaKArmMbCgQAIfkECQoAAAAsAAAAABwAHAAAB/+AAIKDhIWGh4iFRSmJjYckK46JEjWECWqEQgSSghJnIYIzaSdFghdRQ5wAPBlalRIdHUcALzBrGKoAPVoJPBQWa1MNbDsJjgOMggtaaDkaCDREKG06OIMDHoYhEzRgpTQiWIQmCJhUEGxOT4dGEy1SYMmGLgVmTk5uiWBlLTQuiSTutXBERcSVRi5OWEtUBUMKE6r+FeJR48cFEjdeSEoigIfHJBIb/MixYgWCDZKQeFz5gFAVE0cWHHRUJUmSKhIRHSnVCENORCZYhJjys5CAGUWQJCISAsdQHolSLCoC1ZABMASmGACApYQCQg+kAkCCocgMpYWIGEBLMQYDBVRMiPAwoUFDEkEPPDrCUiOGAAUePCioogFLg1wuPMSgAkDAggUCAMzQwFiVgCEzkzy+C6DBFbSSiogbJEECoQZfcxEiUlk1IpWuYxsKBAAh+QQJCgAAACwAAAAAHAAcAAAH/4AAgoOEhYaHiIUzDYmNhxckjolXVoQQIy6DX5WSAFQZIYIKFQlFgjZrU50ASUojMZ4fblcAUBxdCqsALy1PKRpoZ0czJ2FKjgYpmQBEZSNbAys5DUpvDh6CVVdDy4M1IiohMwBcKwOEGFwQABIjYW3HhiwIKzQEM0mISmQ7cCOJU2is4PIgUQ44OxA4wrDhSKMqKEo0QpJCQZFuiIqwmGKiUJIrMQjgCFFDUggnTuKQKWNAEA8GLHCMLOkIB0oncuZgIfTAYooUkky8CLEASaIqwxzlczSjRgwGE3nwWHqISAynEowiEsADSddDBoZQOAKUigYehQQAreJVgFZCM1JSVBGEZMGCK1UapEiCoUiRpS6qzG00wO5UDVd4PPCba5ULCQw68tBwFoAAvxgbCfBARNADLFgGK8C3CsO5QUSoEFLwVpcgEy1dJ0LSWrZtQYEAACH5BAkKAAAALAAAAAAcABwAAAf/gACCg4SFhoeIhRgziY2HQgeOiUQ1hDcyLoNgFJKCJiIEggpSEIwALyALnQBVFzdTAANlZVcAQxEVCqsABCs0ClgTKCUCFVo9jg0pVYIpNDc/VBcqRFtZWrUASAtDhlhgLCUpAFAq2Z4XJAAaK2drW4dHITg4CwrMhg8IHQ52CIlUCISw8iARlzd1IjVCwsBEowciBjRKogDDOEdEQsSgUnAQEg0MasSwwkCSiig7loRBcURQEg0eatQgKekASjwcMpQohCRFkYuNDHwhcCVJoipYMDhSosHRjAULWib64STOjUQGGEDVgO8QHSdgMxxq4KEEFQEAZhjo6JEHAAZqUu44EWNIgQB8LzWYqKJAQRIegDsqiPElGRauSWbMQOKCBxK3q1xQ0VCEVZEiSAD85ZGpE5IrDgE8uIwPyd1VAkw1q+yx6y5RSl8nesBWtu1BgQAAIfkECQoAAAAsAAAAABwAHAAAB/+AAIKDhIWGh4iFGEWJjYcEX46JDUeEG1sPgwQlkoIYUAuCPD00M4JfGVedAC5DIRoAMzQrWAA1I14CqwBHODg8JggiVwpPLQeORSlVor4UJj8/RDYTZUSCAiUxLoUGQxRHGABXMSaEA1wqABoXdCAvh0QxNTUlPNyGSDluWhHqiCYoxPCQCRGXLGrAOEoiwVQiJBdSNEKiAIM4R1SGTCFSUFASKhIWLGCgypGKNWHqoJECC0CSAUdEMmjZaMOaDmncILhGKIkABbocmfAgoUGjByaQOGrBwFEKLBrMJbIBh4yMSRqgmsB3CAKZHXAyHCpyBUtSABa5sjoAAoAECG9QgngxJAAJvgdF8lbhwQOAEidOYghSMCVEx0MK8j7Ye4+IHCdzdgHIq+sBX2YHnJhxKCnJjIsuBPAo+BfKqiQKCPEllCOS5EFIlL5OpHa27UAAIfkECQoAAAAsAAAAABwAHAAAB/+AAIKDhIWGh4iFPBiJjYdXDI6JAlSENUMugx4akoJIVpwAVQQ4AoI1Mgadgh5WRAAKOCENAEc3PTyrABo1NQICIVAzPD00Qo4YCg+evR4YFBRFQjcrA4JJWAuGMx4lVAoAV1O0g1QbPgADP0oZYIcmDAsLGjyZhikqZS0Tx4gz8hLsGXJxYQQEAo6SaDCVCMMFE40e8ECSRJKBI0eKCASQxAQRLBo0WHPE5YwbNS1oVOLoEeQViI6MmEwwgsYrQhIpSiqi4UqKjYUeYAAaVMkRRzyKFGGU6IedDjYSKSiSgirRQTLChLGD4JCAGUsrTixU5QCdWivOrNliiKI9iRNNZ3wBY0KKHh1DPJVggRRJrhhOnBgxwIYMGl0AeIw9EjgEACMw2JCT5EKxIAxynFwRhCBKjFUSCQHJs0xQjy+ICbXoUuhqJyIlUss2FAgAIfkECQoAAAAsAAAAABwAHAAAB/+AAIKDhIWGh4iFVQKJjYdEDI6JPESECzVVg0RUkoJVHliCLlMxCoJUYAadglcMAwBJFDFFAA0hBEirACYLCwpJMVYNDyw4U44CPA+CSb0SPAsMKUdQIaqwDVguhQpXWAOmJhIYhBhTx0UhWyIEhykaWBoGSYgKUCQrCCGJCvHXhy583FhRw1GVBvQSpRAyo1GVJFUyORpw5IqBXINcYCjCsUgKST9QlCkjhss1jR1nfHT0BQUEKQUOmCjk4gFESSkGmEixDJELZY14iDjiKAkPJDwa+UDjZkMipEgZIUqyIYGWLDR6EkqSjEcmJTeSDuLxY8QuLi2ybDFUReuAPU5W+KTgkkOCCgsc9gF4wEvrISlOnLAgAiePCgFnHKDQBQCIkycADADR4QPAFAd8Gqwy4ESLIAF2dlAQ5KMPlFULpBACgUezIChfGBOiAUJ2oiJXbOsmFAgAIfkECQoAAAAsAAAAABwAHAAAB/+AAIKDhIWGh4iFDzyJjYcNEo6JSAaEGgtJgyZEkoIPGgODEgwKggZDJp2CAxoNAA8lDEUAKTE1jKopWBoKDwsMMw9TNQuOSUkuglVYWERJWFe6VjGuAFUKJsmESDNFKUgAGAaZgwKxAAILLFDFhjzeRUVViEgSBDghDJPxKY0LISGuOHKBYd4kD6USPVj4QJIJKkQakBvEo2JFAZJCiFhBI4eQVIKQWKwoCQcCGj0ufJlRyEXDTkVmzOiViIgblokU0IjU6EUeJy0a/ZjQQshLQ1ucKE2Dy5ACMFJaTLhgkNAXJ3m6DAFwwwtOQQpeeAnnA8EEG4Y8MMBlgA2cEylSVORY8OVMhBCDihw5emiFDh1gFITp8+LBCC1jVQE40+YJAAUgOOA94sZNqE4mYKiZVyWCA30ArJzB20mClKMtOnylAEVxIR8VXDfiQUW2bUOBAAAh+QQJCgAAACwAAAAAHAAcAAAH/4AAgoOEhYaHiIUuAomNhwpUjokPKYQGGkmDKSaSgi4zlYJUGowAMx4NnYIYRZVVWFiVCgsLPKoAAkVFSA8aGhgAJQtHjg9VLp6tM0kNJjwGDAupAC48RciEVQI8PJkCKdiCrxIASRpTVuSGSTxIPAJViElYNTUxJYna7o1HMTEakqo8aMTDg4JGM6aAYSApRYoiAsIBwABhzB4nTiZIkgAFB44hDGYIUgCBjRyMGh1x9GglZCEMC4ZckYRBQRFbiTDQAZgohQ0ijkKs0TOiEZQbKwhIJLRBxw4dXaYZwmClx4obP5YCINCGTZYQAIx4CTVyg4xqLLggEGLIA4VpCldAcNDS4AIJBkNQtGAhiBKRgYmMOHDAQoGWM2AAyCiz4haAEW+8TKygBSyWMmUMqOJRpwWyBy0iUBDkIQPfTiZIxBNEA41mQRIIOCYUo8zsRDx43t4tKBAAIfkECQoAAAAsAAAAABwAHAAAB/+AAIKDhIWGh4iGSYmMh0gzjYkuPIQYRQ+DPA2RgwKUgilFSIICV5ucAEhIn6ECqVgarqhJPDyLRUUKAFRYVI1HMZAALgJIAg8KGDwKGlinAEkKLoU1Tnt1BABVAtOEKb4PBhIMR4c+cU5OaymILiYlCwtHmIcxQU4fjAYMDFjdiApQSGBU5QgGRjOmEFgQCUMKZf8AKLgBAgiZNvkaURkSo8aUI+wAYJDSYcyONloibexIoYQwQS6oEPgxpOGMXPQOPdjCMFESCgcZHdFiYUROQ0dChCgRkRCFOg4cRMCCiIcGAjhCUDgq6AiHDhWyxShAhJACKFweJJHAAgoFQ1dfrAwQlKRMhAwpfnCZMkXEihqCHmAwUIXRkAgRoLiQgsIHABsrVDRl1OPMDQAPZIzAAcAEjRVzOT2gI+XTjREMBF0RUZMThhyyAGyYYGCQhtaoCJVQMjk3ISQafAtHFAgAIfkECQoAAAAsAAAAABwAHAAAB/+AAIKDhIWGh4iGD4mMh1UCjYkNXlWDSQKVgo+Rgkl3HZkCSEmdMwqcgnNOWoI8SDwAD0VFSKgAP05ONgACPLApKUUujAsesABIek46CkmuAjNFp4IPPIuEQ3p2dDgAJBEmhdAuLikDGljDhTY6OjtZM4guAlRYWFSZhmB9cF3Xhxg0aBjw75ABNVYaGcDACEkDA+EaVUmSJJ8gF2AmgDgRBkWkGQwWlJBA5ViSG3PqOHiTIFIDDwtESkhBqAqRKTgoROJRJAUmRlA8MHoggSEjA16yQKiFiEqMGFgSXaETQcsEKoiSYIlRI0YJdYRMuIkgxYcLCSs0gEVyxcq8K1NhhpQwxCDEgEE3WrQggsPHFCpQcGCNlYKIRUNXyrTA4aIHAigArOAYUrDRhgk0yF1YQQBAChwhGqB6IEbJNCMIpggaAOYKKgwXjAJggSAiAANHbBW6kgMsAN+6q7jWTfxQIAA7AAAAAAAAAAAA"),e.setAttribute("id","rxp-loader-"+A),e.style.left="50%",e.style.position="fixed",e.style.background="#FFFFFF",e.style.borderRadius="50%",e.style.width="30px",e.style.zIndex="200",e.style.marginLeft="-15px",e.style.top="120px",e},createIFrame:function(e,t){var n=c.createSpinner();document.body.appendChild(n);var i=document.createElement("iframe");if(i.setAttribute("name","rxp-frame-"+A),i.setAttribute("id","rxp-frame-"+A),i.setAttribute("height","562px"),i.setAttribute("frameBorder","0"),i.setAttribute("width","360px"),i.setAttribute("seamless","seamless"),i.style.zIndex="10001",i.style.position="absolute",i.style.transition="transform 0.5s ease-in-out",i.style.transform="scale(0.7)",i.style.opacity="0",e.appendChild(i),d){i.style.top="0px",i.style.bottom="0px",i.style.left="0px",i.style.marginLeft="0px;",i.style.width="100%",i.style.height="100%",i.style.minHeight="100%",i.style.WebkitTransform="translate3d(0,0,0)",i.style.transform="translate3d(0, 0, 0)";var o=document.createElement("meta");o.name="viewport",o.content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=0",document.getElementsByTagName("head")[0].appendChild(o)}else i.style.top="40px",i.style.left="50%",i.style.marginLeft="-180px";var r;i.onload=function(){i.style.opacity="1",i.style.transform="scale(1)",i.style.backgroundColor="#ffffff",n&&n.parentNode&&n.parentNode.removeChild(n),r=c.createCloseButton(),e&&r&&(e.appendChild(r),r.addEventListener("click",function(){c.closeModal(r,i,n,e)},!0))};var a=c.createForm(document,t);return i.contentWindow.document.body?i.contentWindow.document.body.appendChild(a):i.contentWindow.document.appendChild(a),a.submit(),{spinner:n,iFrame:i,closeButton:r}},openWindow:function(e){var t=window.open();if(!t)return null;var n=t.document,A=n.createElement("meta"),i=n.createAttribute("name");i.value="viewport",A.setAttributeNode(i);var o=n.createAttribute("content");o.value="width=device-width",A.setAttributeNode(o),n.head.appendChild(A);var r=c.createForm(n,e);return n.body.appendChild(r),r.submit(),t},getUrlParser:function(e){var t=document.createElement("a");return t.href=e,t},getHostnameFromUrl:function(e){return c.getUrlParser(e).hostname},isMessageFromHpp:function(e,t){return c.getHostnameFromUrl(e)===c.getHostnameFromUrl(t)},receiveMessage:function(t){if(c.isMessageFromHpp(t.event.origin,n)&&t.event.data){var i=c.decodeAnswer(t.event.data);if(null!==i)if(i.iframe){if(!s()){var o,r=i.iframe.width,a=i.iframe.height,l=!1;if(o=t.embedded?t.instance.getIframe():document.getElementById("rxp-frame-"+A),t.instance.events&&t.instance.events.onResize&&t.instance.events.onResize(i.iframe),"390px"===r&&"440px"===a&&(o.setAttribute("width",r),o.setAttribute("height",a),l=!0),o.style.backgroundColor="#ffffff",d){if(o.style.marginLeft="0px",o.style.WebkitOverflowScrolling="touch",o.style.overflowX="scroll",o.style.overflowY="scroll",!t.embedded){var g=document.getElementById("rxp-overlay-"+A);g.style.overflowX="scroll",g.style.overflowY="scroll"}}else!t.embedded&&l&&(o.style.marginLeft=parseInt(r.replace("px",""),10)/2*-1+"px");!t.embedded&&l&&setTimeout(function(){document.getElementById("rxp-frame-close-"+A).style.marginLeft=parseInt(r.replace("px",""),10)/2-7+"px"},200)}}else{var u=function(){s()&&e?e.close():t.instance.close();var n=document.getElementById("rxp-overlay-"+A);n&&n.remove()},h=t.event.data;if("function"==typeof t.url)return void t.url(i,u);u();var I=document.createElement("form");I.setAttribute("method","POST"),I.setAttribute("action",t.url),I.appendChild(c.createFormHiddenInput("hppResponse",h)),document.body.appendChild(I),I.submit()}}}},l=function(){function t(){var t,n,A,i,o,r=c.checkDevicesOrientation();return d&&window.addEventListener&&window.addEventListener("orientationchange",function(){r=c.checkDevicesOrientation()},!1),{lightbox:function(){if(s())e=c.openWindow(o);else{t=c.createOverlay();var r=c.createIFrame(t,o);n=r.spinner,A=r.iFrame,i=r.closeButton}},close:function(){c.closeModal()},setToken:function(e){o=e}}}var n;return{getInstance:function(e){return n||(n=t()),n.setToken(e),n},init:function(e,t,n){var A=l.getInstance(n);"autoload"===e?A.lightbox():document.getElementById(e).addEventListener?document.getElementById(e).addEventListener("click",A.lightbox,!0):document.getElementById(e).attachEvent("onclick",A.lightbox),c.removeOldEvtMsgListener();var i=function(e){return c.receiveMessage({event:e,instance:A,url:t,embedded:!1})};c.evtMsg.push({fct:i,opt:!1}),c.addEvtMsgListener(i)}}}(),g=function(){function e(){var e,t;return{embedded:function(){var n=c.createForm(document,t);e&&(e.contentWindow.document.body?e.contentWindow.document.body.appendChild(n):e.contentWindow.document.appendChild(n),n.submit(),e.style.display="inherit")},close:function(){e.style.display="none"},setToken:function(e){t=e},setIframe:function(t){e=document.getElementById(t)},getIframe:function(){return e}}}var t;return{getInstance:function(n){return t||(t=e()),t.setToken(n),t},init:function(e,t,n,A,i){var o=g.getInstance(A);o.events=i,o.setIframe(t),"autoload"===e?o.embedded():document.getElementById(e).addEventListener?document.getElementById(e).addEventListener("click",o.embedded,!0):document.getElementById(e).attachEvent("onclick",o.embedded),c.removeOldEvtMsgListener();var r=function(e){return c.receiveMessage({event:e,instance:o,url:n,embedded:!0})};c.evtMsg.push({fct:r,opt:!1}),c.addEvtMsgListener(r)}}}(),u=function(){function e(){var e,t=c.checkDevicesOrientation();return d&&window.addEventListener&&window.addEventListener("orientationchange",function(){t=c.checkDevicesOrientation()},!1),{redirect:function(){var t=c.createForm(document,e,!0);document.body.append(t),t.submit()},setToken:function(t){e=t}}}var n;return{getInstance:function(t){return n||(n=e()),n.setToken(t),n},init:function(e,n,A){var i=u.getInstance(A);t=n,document.getElementById(e).addEventListener?document.getElementById(e).addEventListener("click",i.redirect,!0):document.getElementById(e).attachEvent("onclick",i.redirect),c.removeOldEvtMsgListener();var o=function(e){return c.receiveMessage({event:e,instance:i,url:n,embedded:!1})};c.evtMsg.push({fct:o,opt:!1}),c.addEvtMsgListener(o)}}}();return{init:l.init,lightbox:{init:l.init},embedded:{init:g.init},redirect:{init:u.init},setHppUrl:function(e){n=e},setMobileXSLowerBound:function(e){i=e},_internal:c}}(),RealexRemote=function(){"use strict";var e=function(e){if(!/^\d{4}$/.test(e))return!1;var t=parseInt(e.substring(0,2),10);parseInt(e.substring(2,4),10);return!(t<1||t>12)};return{validateCardNumber:function(e){if(!/^\d{12,19}$/.test(e))return!1;for(var t=0,n=0,A=0,i=!1,o=e.length-1;o>=0;o--)n=parseInt(e.substring(o,o+1),10),i?(A=2*n)>9&&(A-=9):A=n,t+=A,i=!i;return 0==t%10},validateCardHolderName:function(e){return!!e&&!!e.trim()&&!!/^[\u0020-\u007E\u00A0-\u00FF]{1,100}$/.test(e)},validateCvn:function(e){return!!/^\d{3}$/.test(e)},validateAmexCvn:function(e){return!!/^\d{4}$/.test(e)},validateExpiryDateFormat:e,validateExpiryDateNotInPast:function(t){if(!e(t))return!1;var n=parseInt(t.substring(0,2),10),A=parseInt(t.substring(2,4),10),i=new Date,o=i.getMonth()+1,r=i.getFullYear();return!(A<r%100||A===r%100&&n<o)}}}();
\ No newline at end of file
diff --git a/package.json b/package.json
index a2c444d..8688059 100644
--- a/package.json
+++ b/package.json
@@ -1,7 +1,7 @@
 {
   "name": "rxp-js",
   "description": "The official Realex Payments JS Library",
-  "version": "1.5.0",
+  "version": "1.5.1",
   "homepage": "https://github.com/realexpayments/rxp-js",
   "author": {
     "name": "Realex Developer",