Implement cybersource silent order post with ajax

Question

I am using cybersource silent order post inside magento one page checkout. I want to do ajax post to "https://testsecureacceptance.cybersource.com/silent/pay/". But it's giving me below error:- "XMLHttpRequest cannot load https://testsecureacceptance.cybersource.com/silent/pay/. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin is therefore not allowed access. The response had HTTP status code 403"

I want answer specific to cybersource. Let me know if there is another option except ajax

Please find below my code:-

var url = jQuery("#post_url").val();
var access_key=jQuery("#access_key").val();
var profile_id=jQuery("#profile_id").val();
var signed_field_names=jQuery("#signed_field_names").val();
var unsigned_field_names=jQuery("#unsigned_field_names").val();
var bill_to_forename=jQuery("#bill_to_forename").val();
var bill_to_surname=jQuery("#bill_to_surname").val();
var bill_to_email=jQuery("#bill_to_email").val();
var bill_to_phone=jQuery("#bill_to_phone").val();
var bill_to_address_line1=jQuery("#bill_to_address_line1").val();
var bill_to_address_city=jQuery("#bill_to_address_city").val();
var bill_to_address_state=jQuery("#bill_to_address_state").val();
var bill_to_address_country=jQuery("#bill_to_address_country").val();
var bill_to_address_postal_code=jQuery("#bill_to_address_postal_code").val();
var signed_date_time=jQuery("#signed_date_time").val();
var locale=jQuery("#locale").val();
var card_type=jQuery("#cybersource_cc_type").val();
var card_number=jQuery("#cybersource_cc_number").val();
var card_expiry_date=jQuery("#cybersource_expiration").val();
var params ='access_key='+access_key+ '&profile_id='+profile_id+ '&signed_field_names='+signed_field_names+ '&bill_to_forename='+bill_to_forename+ '&bill_to_surname='+bill_to_surname+ '&bill_to_email='+bill_to_email+'&bill_to_phone='+bill_to_phone+'&bill_to_address_line1='+bill_to_address_line1+'&bill_to_address_city='+bill_to_address_city+'&bill_to_address_state='+bill_to_address_state+'&bill_to_address_country='+bill_to_address_country+'&bill_to_address_postal_code='+bill_to_address_postal_code+'&signed_date_time='+signed_date_time+'&locale='+locale+'&card_type='+card_type+'&card_number='+card_number+'&card_expiry_date='+card_expiry_date;
//alert(url);
var http= new XMLHttpRequest();
http.open("POST", url, true);
http.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
http.send(params);
//Send the proper header information along with the request

http.onreadystatechange = function() {//IT NEVER COMES BACK TO THIS SECTION
    if(http.readyState == 4) {
        alert(http.responseText);
        console.log("I came back");
    }
}

Answer 1

I don't believe the CyberSource endpoints allow AJAX calls. Given that AJAX calls are not supported, the CyberSource endpoint does not have CORS configured, hence your seeing errors when making AJAX calls.

According to the documentation for Silent Order POST the form should be submitted and the user redirected. Once the payment is processed, CyberSource will redirect the user to the appropriate page. This is very similar to the flow used for CyberSource Secure Acceptance Web/Mobile, and completely different from the flows used by Adyen, Braintree, or Stripe (which do make AJAX calls whose responses should be processed by your server).

Answer 2

CyberSource Secure Acceptance Silent Order Post is meant to be an HTTP FORM POST like when you hit the submit button on a form and POST it to an endpoint. It does not support posting data to through AJAX.

The correct API to use here is the CyberSource Flex API. This is designed for AJAX calls similar to the Stripe. You can find the documentation for this API on the Visa Developer Portal - Visa owns CyberSource.