This article provides a patch for the known Magento Commerce 2.3.0 limitation related to not having ability to process Cybersource payments from both store front and Admin, if they are on different domains.
The previous implementation of the Cybersource integration allowed processing payments from one domain only. As a result, if your Magento store front is on different domain from Magento Admin, you get the following error when trying to place an order using Cybersource in Admin: "Load denied by X-Frame-Options: https://%your_domain%/cybersource/SilentOrder/TokenResponse/ does not permit cross-origin framing..."
Steps to reproduce:
- Set up Admin on a different subdomain.
- Configure Cybersource for the store under Stores > Settings > Configuration > Sales > Payment Methods > CyberSource.
- Go to Sales > Orders.
- Create new order.
- Create new customer.
- Enter customer details.
- Enter order details (products, shipping method)
- Select Cybersource as the payment method.
- Submit order.
Order is placed with no issues.
The Order page shows a loading icon, but the order is never placed. The error is displayed in console.
The attached patch provides the improvement for the integration with Cybersource. After applying the patch, you need to create one more profile with Cybersource for processing payments in Admin, and add the required credentials in the Cybersource configuration in Magento Admin under Stores > Settings > Configuration > Sales > Payment Methods > CyberSource.
The improvement is included in Magento Commerce and Cloud 2.2.9 and 2.3.1.
There are several patches attached to this article, different patches for different versions. To download a patch, scroll down to the end of the article and click the file name, or click the following link:
- Download MDVA-5914_EE_2.1.9_COMPOSER_v3.patch
- Download MDVA-8609_EE_2.2.2_COMPOSER_v2.patch
- Download MDVA-12964_EE_2.2.5_COMPOSER_v1.patch
- Download MDVA-16643_EE_2.3.0_COMPOSER_v1.patch
Compatible Magento versions
The patches were created for particular version noted in the patch file name. For example, MDVA-5914_EE_2.1.9_COMPOSER_v3.patch was created for Magento Commerce 2.1.9 and is the best patch to be used for this version.
The patches are also compatible with the following versions:
- Magento Commerce 2.1.3-2.1.17; Magento Commerce Cloud 2.1.5-2.12 (MDVA-5914_EE_2.1.9_COMPOSER_v3.patch)
- Magento Commerce 2.2.0-2.2.3; Magento Commerce Cloud 2.2.0-2.2.3 (MDVA-8609_EE_2.2.2_COMPOSER_v2.patch)
- Magento Commerce 2.2.4-2.2.7; Magento Commerce Cloud 2.2.4-2.2.7 (MDVA-12964_EE_2.2.5_COMPOSER_v1.patch)
- Magento Commerce 2.2.8, 2.3.0; Magento Commerce Cloud 2.3.0 (MDVA-16643_EE_2.3.0_COMPOSER_v1.patch)
How to apply a patch
We strongly recommend applying and testing the patch on the Integration/Staging environment, before applying it Production. We also recommend to have a recent backup before any manipulations.
How to apply a patch for Magento Commerce Cloud
- If you do not have a directory named
m2-hotfixesin the project root, please create one.
- Copy the
%patch_name%.patchfile to the
Add, commit, and push your code changes:
git add -A && git commit -m "Apply %patch_name%.patch" && git push origin
How to apply a patch for Magento Commerce
- Upload the patch to your Magento root directory.
- Run the following SSH command:
(If the above command does not work, try using
patch -p1 < %patch_name%.patch
- For the changes to be reflected, refresh the cache in the Admin under System > Cache Management.