Release 29/04/2024

Version: 2024.04.29.1

Date: 29.04.2024

What's included?

  • Add the ability to disable saved cards via API
  • Components enhancements:
    • Reduce console error logging noise
    • Support wildcards for domain validation

Add the ability to disable saved cards via API

In this release, developers integrating with the REST API can now disable specific card_ids, ensuring enhanced control over recurring payment requests and card visibility at checkout. Key features include the addition of an is_active boolean parameter, defaulted to true upon card creation, allowing developers to deactivate cards as needed. When retrieving card details via GET requests, the is_active field is included in the response, providing visibility into a card's activation status. Additionally, developers can filter out disabled cards using the is_active query parameter in GET requests for card listings. To deactivate a card, developers can submit a PUT request with is_active:false.

Components enhancements

  1. Reduce console error logging noise:

In response to reported browser console errors stemming from security enhancements in Components, we've introduced a solution to mitigate issues encountered by certain merchants. These errors, triggered by unhandled exceptions, primarily arise from the receipt of excessive iframe messaging from various sources. While the ideal scenario would involve preventing the delivery of such messages altogether, our ability to do so is limited. Therefore, we've implemented a straightforward logging level configuration within the Acquired class. With this update, cross-domain failures will only be logged when the logging level is set to debug or trace, effectively silencing errors for merchants not requiring detailed debugging information. This enhancement aims to improve the browsing experience for affected users while maintaining necessary security measures.

  1. Support wildcards for domain validation:

To address a request from a merchant, we have implemented support for wildcard domains in the allowlist. This functionality mirrors the behaviour of wildcard SSL certificates, allowing for the use of a single wildcard in the very first component and exclusively for a subdomain. When matching with the wildcard, the frontend is required to match a single subdomain component, ensuring compatibility and security.