CORS Support for Direct Post
Currently it is not possible to implement a checkout experience with Direct Post that keeps the customer on the checkout page without redirection. We would to avoid redirection to improve the checkout experience.
Our ideal design is one where the form is posted directly to zuora via ajax. However we are finding that this is not possible as the /apps/PublicHostedPageLite.do page does not support the CORS header "Access-Control-Allow-Origin" and hence cannot be called directly form the customers browser (although this is exactly what happens with the iframe). This leaves us with two choices (neither of which are ideal):-
1) Rely on redirect, which limits the design of the checkout.
2) Implement the ajax call through our server, and pass that on to Zuora. However, this adds an additional touch point for the card details.
It would help with the checkout experience if the PublicHostedPageLite page supported the CORS header to make this possible.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.