Level 3
Hi randel33, did you find an answer to your question? I am in a similar position at the moment and it would be helpful to know what you figured out.
All best, Max
Oct 6, 2016
2
Level 5
Requesting tokens best practice: Stripe.js with Vue 1.0.*
When making token request with Stripe.js Docs. Stripe recommends using the data-stripe attribute in the input element. Like below.
<form action="/your-charge-code" method="POST" id="payment-form">
// Card Number
<input type="text" size="20" data-stripe="number">
// Expiration (MM/YY)
<input type="text" size="2" data-stripe="exp_month">
<input type="text" size="2" data-stripe="exp_year">
// CVC
<input type="text" size="4" data-stripe="cvc">
<input type="submit" class="submit" value="Submit Payment">
</form>
Stripe Says:
Do not give names to the payment details form elements! This prevents that data from touching your server, which means you no longer >need to worry about redacting logs, encrypting cardholder details, or other burdens of PCI compliance.
My question is: Can I use v-model in replace of data-stripe without compromising security? The below returns a valid token when ran, but is it acceptable?
// form info
<input type="text" size="20" v-model="card.number">
...
// script
export default {
data () {
return {
card: {
number: null,
cvc: null,
exp_month: null,
exp_year: null
}
}
},
ready () {
window.Stripe.setPublishableKey(KEY)
},
methods: {
onSubmitPayment () {
// Request a token from Stripe:
window.Stripe.card.createToken(this.card, this.stripeResponseHandler)
this.card = null
},
// stripeResponseHandler
.....
}
Level 5
Hi max76s,
I did not find an answer to this question.
Please or to participate in this conversation.