Neojack
Neojack16mo ago

list of 3rd party domains for Content Security Policy

Hello we need a list of all possible 3rd party domains that maybe called when processing payment - such as vpay.co.kr Our secure whitelist for CSP is set to strict and will block unknown domain calls I could not find this in documentation so please share with me a list of domains thanks
7 Replies
토스페이먼츠 BOT
⏳ 잠시만 기다려주세요! 곧 답변드리겠습니다
오류 문의일 경우 아래 정보를 미리 전달해주시면, 빠른 답변에 도움이 됩니다.
- 주문번호(orderId) : - 문의 내용 :
(img를 함께 첨부해주시면 도움이됩니다)
* 계약관련 내용은 1544-7772로 문의주세요. * 주말/공휴일에는 답변이 늦을 수 있어요.
이실장
이실장16mo ago
This pertains to the process after transitioning to the card company's window. The DNS redirect can change at any time, and we do not manage it separately.
Neojack
NeojackOP16mo ago
Yes I know this but regardless it would be helpful if you have a list of domains. Otherwise payment gets blocked. If you can’t then what’s your suggested approach for csp
유부장
유부장16mo ago
Hi @Neojack We are not recommending merchant to perform the payment within specific private network, because we cannot make sure all service providers' service domain (it is up to service provider), and also we are providing our service via cloud service provider. Please kindly understand on this.
Neojack
NeojackOP16mo ago
Ok understand.. I’ll have to see if client can change security policy from strict to report only when calling payment. Thanks
유부장
유부장16mo ago
Thank you for the understanding. Please do not hesitate to let us know if you have any other questions.
토스페이먼츠 BOT
❤️ 기술문의 경험이 어떠셨나요?!
간단히 코멘트 남겨주세요! 제품 발전에 큰 힘이 됩니다.