0

I am trying to make a payment using paypal sdk. My front end is angularjs and my back end is nodejs.

In my front end, I just call a route in my node server as:

$http.post('/paypal/pay', cart)

I have CORS configured in my node server.

The CORS problem happens in the "res.redirect" line.

I also configured CORS also into headers from paypal config to try solve the problem, but no success.

I am testing paypal payment using nodejs in localhost.

When I try to make a payment I get the next error:

What am I doing wrong?

//error

https://www.sandbox.paypal.com/cgi-bin/webscr?cmd=_express-checkout&token=EC-YYYYYY: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost' is therefore not allowed access.

//node server

const express = require('express');
const app = express();
const PaypalAPI=require('./routes/paypal-checkout');     
app.all('*', function(req, res, next) { 
      res.setHeader('Access-Control-Allow-Origin', '*');
      res.setHeader('Access-Control-Allow-Methods', 'PUT, GET, POST, DELETE, OPTIONS');
      res.setHeader('Access-Control-Allow-Headers', 'Content-Type, Authorization');
      next();
    });


app.use('/paypal',PaypalAPI)

var server = app.listen(app.get('port'), function () {
            console.log('Servidor rodando em ' +app.get('host') + ' Porta: '+app.get('port'));
});

//node router - paypal-checkout.js

const express = require('express');
const paypal = require('paypal-rest-sdk');
const router = express.Router();
paypal.configure({
  'mode': 'sandbox', //sandbox or live
  'client_id': 'XXXX',
  'client_secret': 'YYYYYY',
  'headers' : {
     'Access-Control-Allow-Origin': '*',
     'Access-Control-Allow-Methods': 'PUT, GET, POST, DELETE, OPTIONS',
     'Access-Control-Allow-Headers': 'Content-Type, Authorization'
    }
});

router.post('/pay', (req, res) => {
  const create_payment_json = {
    "intent": "sale",
    "payer": {
        "payment_method": "paypal"
    },
    "redirect_urls": {
        "return_url": "http://localhost/paypal/success",
        "cancel_url": "http://localhost/paypal/cancel"
    },
    "transactions": [{
        "item_list": {
            "items": [{
                "name": "Red Sox Hat",
                "sku": "001",
                "price": "25.00",
                "currency": "BRL",
                "quantity": 1
            }]
        },
        "amount": {
            "currency": "BRL",
            "total": "25.00"
        },
        "description": "Hat for the best team ever"
    }]
};

paypal.payment.create(create_payment_json, function (error, payment) {
  if (error) {
      throw error;
  } else {
      for(let i = 0;i < payment.links.length;i++){
        if(payment.links[i].rel === 'approval_url'){
          res.redirect(payment.links[i].href);
        }
      }
  }
});

});
Luiz Alves
  • 1,927
  • 2
  • 19
  • 48

1 Answers1

0

I ran into this problem as well. Although this might be late for OP but I'd like to point out that this is a problem within the browser. The answer has been posted before but here are the options again:

  1. turn off CORS
  2. Use a chrome extension
  3. set up a reverse proxy
Ken Luk
  • 21
  • 2