Cardinal Commerce 3DS integration

  • Resolved bredamcguigan

    (@bredamcguigan)


    2 months ago

    HI, we have received an email from Braintree saying they are upgrading the Cardinal Commerce 3DS integration. The said:
    We asked that merchants running SDK version 3.121.0 or higher with a Content Security Policy (CSP) in place add the domains by February 28th.  If you do not make these changes by May 15, 2026 your transactions will likely be impacted.  

    Add the following domains to your CSP: 
    • Production script-src: static.client.cardinaltrusted.com 
    • Production connect-src: *.cardinaltrusted.com 

    Not sure if this applies to you? 

    • SDK versions below 3.121.0 are not affected by this change. 
    • Merchants not using a CSP do not need to take any action. 

    Does this plugin look after this or do i need to do something on the Braintree account?

    thanks,

    Breda

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Author Clayton R

    (@mrclayton)

    2 months ago

    Hi @bredamcguigan

    Thank you for contacting Payment Plugins.

    Does this plugin look after this or do i need to do something on the Braintree account?

    The plugin does not control your CSP. Any changes made to your CSP would be at the webserver configuration level. If you have a hosting provider that manages your server you can request that they add those entries to your existing CSP. If you manage your webserver, then you can add those entries to the CSP.

    Kind Regards

    Thread Starter bredamcguigan

    (@bredamcguigan)

    1 month, 3 weeks ago

    thank you I’ll do that.

Viewing 2 replies - 1 through 2 (of 2 total)

You must be logged in to reply to this topic.