Hi Alberto,
Yes, not clear … sorry !
`Here’s what happened:
I regularly test my site to make sure everything is working, and recently I noticed that the “pay with paypal” button no longer appears at the bottom of the shopping cart.
Using Brave’s development tools (Chrome), I see that resources to various paypal domains are blocked (CORS), and that a request to https://api2.amplitude.com/2/httpapi is also blocked.
I had already added urls to paypal in header.php, with tag <meta http-equiv=”Content-Security-Policy”>, but to find this button again, I had to add others.
For example:
https://www.paypal.com/xoplatform/logger/api/logger
or
https://www.paypal.com/tagmanager/pptm.js
and also the url to amplitude.com:
https://api2.amplitude.com/2/httpapi
The subject of my question was not about these new “paypal” urls to be unblocked, as I have the impression that paypal is making changes at the moment, but it was mainly about this request to amplitude.com which is a data analysis company.
And I don’t really see why I should give my data to amplitude (whom I don’t know) so that they can make money with my data (or my customers’ data, for which I’m responsible).
“Unfortunately, I can no longer find these queries blocked in the console, since I’ve taken the necessary steps to ensure that they’re no longer there, and that paypal works on my site.
To this day, I’m happy to be able to continue offering paypal on my site, but I know that other people also know about these transactions (not just me, my customer and paypal).
I don’t know the people at paypal, but I chose to work with them anyway because they provide me with a service, even if they use me.
But amplitude.com: I don’t know anyone there, they don’t provide me with any service, and they use me silently.
Hence my question: is it essential to accept these requests to amplitude.com?
That wasn’t an attack on you at all!
Best regards
