- Mark as New
- Mark as Read
- Bookmark
- Subscribe
- Email to a Friend
- Printer Friendly Page
- Report Inappropriate Content
CORS Support for Direct Post

Currently it is not possible to implement a checkout experience with Direct Post that keeps the customer on the checkout page without redirection. We would to avoid redirection to improve the checkout experience.
This redirection-less checkout is possible with the Payment Pages 2.0, using the javascript callback, however we are finding that conversion rates are not great with the current checkout design and we would like to improve the experience by adding more real time feedback as well as better validation for direct debit customers - which are not possible with the iframe.
Our ideal design is one where the form is posted directly to zuora via ajax. However we are finding that this is not possible as the /apps/PublicHostedPageLite.do page does not support the CORS header "Access-Control-Allow-Origin" and hence cannot be called directly form the customers browser (although this is exactly what happens with the iframe). This leaves us with two choices (neither of which are ideal):-
1) Rely on redirect, which limits the design of the checkout.
2) Implement the ajax call through our server, and pass that on to Zuora. However, this adds an additional touch point for the card details.
It would help with the checkout experience if the PublicHostedPageLite page supported the CORS header to make this possible.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.