zlacker

[return to "Stripe records user movements on its customers' websites"]
1. mtlync+7[view] [source] 2020-04-21 17:01:46
>>mtlync+(OP)
Author here. Happy to answer any questions or hear feedback about this post.
◧◩
2. TAForO+md[view] [source] 2020-04-21 18:10:56
>>mtlync+7
Have you tried sequestering the payment logistics to a separate domain or subdomain? If you had a pay._____.com that processed payments using Stripe.js, and that redirected back to app._____.com (which would not be using stripe.js), would tracking continue into your app pages?

EDIT: didn't expect this to be so controversial (6 downvotes!)

◧◩◪
3. mtlync+kf[view] [source] 2020-04-21 18:22:15
>>TAForO+md
That was one of the solutions I considered. I believe that would successfully limit Stripe's tracking, but it's just logistically complicated to stand up a whole second app just to serve one page and manage state between the payment app and my main app.
◧◩◪◨
4. somish+X01[view] [source] 2020-04-22 00:17:18
>>mtlync+kf
Could you simply use an iframe with a sandbox attribute? Idea being you dynamically create an iframe, fill it with content (styles, postmessage scripts, what have you), then dynamically set a semi-restrictive sandbox before loading Stripe's library. When you're done (i.e. have a payment token in the parent) just remove the iframe. This way everything Stripe related is sandboxed and the script is unloaded as soon as you're finished with it.

Good chance I'm missing something, or there's some kind of protections in place around this.

https://developer.mozilla.org/en-US/docs/Web/HTML/Element/if...

◧◩◪◨⬒
5. mtlync+B21[view] [source] 2020-04-22 00:34:33
>>somish+X01
That was another solution I considered. I think that would work, but it seemed expensive to implement. I believe it would still require me to host a separate copy of my app or a standalone app that handles just payments. Stripe also creates its own child iframe for displaying payment UI, so at that point, my app would look like:

  Main app
    My sandboxed iframe
      Stripe's iframe
So managing all the bubbling up and down of messages felt like it was going to be complicated. Limiting Stripe to a single page and forcing the new HTTP requests to unload it is a bit hackier, but is really simple to implement. You can see it in the blog post - I only had to add ~5 lines of extra code to my app to make it work.
[go to top]