cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Hampstead
‎10-12-2016 10:45 AM

"Forbidden" and "Unexpected token R in JSON" errors.

Dear Sir/Madam,


In sandbox mode, the payments worked always Ok. However, yesterday, even though nothing changed in my code, I started receiving the errors:
- "POST https://connect.squareup.com/v2/card-nonce 403 (Forbidden)"
- "Uncaught SyntaxError: Unexpected token R in JSON at position"


Here is more detailed error message as displayed in Chrome Developement Tools:
--------------------------------------
iframe?type=cardNumber:29 POST https://connect.squareup.com/v2/card-nonce 403 (Forbidden)i.post @ iframe?type=cardNumber:29r.requestNonce @ iframe?type=cardNumber:28r.requestCardNonceIfValidForm @ iframe?type=cardNumber:28r @ iframe?type=cardNumber:28e @ iframe?type=cardNumber:28s @ iframe?type=cardNumber:28
iframe?type=cardNumber:29 Uncaught SyntaxError: Unexpected token R in JSON at position 0s.onreadystatechange @ iframe?type=cardNumber:29
-------------------------------------

Please Help!

Thank You!

Nikolay

Tags (1)
Reply
0 Kudos
3,907 Views
Message 1 of 6
Report
5 REPLIES 5
Sean
Square
‎10-13-2016 11:24 AM

@Hampstead - After reporting your issue to our API Team, they've been unsuccessful at replicating what you've described. Would you mind sharing what browser you're using, as well as a code sample of how you're implementing the Payment Form?


Sean
he/him/his
Product Manager | Square, Inc.
Reply
3,885 Views
Message 2 of 6
Report
Hampstead
‎10-13-2016 12:29 PM

In response to Sean

Thank you for your answer.

Browser is Chrome 53.0.2785.143 m (64-bit) for Windows. The code worked before. Nothing has changed afterwards. The only thing that I can think of is that I am using self-signed certificate on the website the form is submiited from.

Here is the code:
-------------------------- In <head> ---------------------

<link href="/stylesheets/credit_card.css" rel="stylesheet" type="text/css" />
 <script src="/scripts/lobibox.js"></script>  
 <script type="text/javascript" src="https://js.squareup.com/v2/paymentform"></script>  
   
 


-------------------------- In <body> ---------------------

 

Reply
0 Kudos
3,882 Views
Message 3 of 6
Report
Hampstead
‎10-13-2016 12:33 PM

In response to Hampstead

<script type="text/javascript">

var bbr_mls_cc_err_number = "Please enter valid credit card number.";
var bbr_mls_cc_err_exp = "Please enter valid credit card expiration date.";
var bbr_mls_cc_err_cvc = "Please enter valid card verification code.";
var bbr_mls_cc_err_postal_code = "Please enter valid postal code.";
</script>

<script type="text/javascript">

var sqTranslations = {
"Credit card number is not valid" : bbr_mls_cc_err_number,
"CVV is not valid": bbr_mls_cc_err_cvc,
"Expiration date is not valid" : bbr_mls_cc_err_exp,
"Postal code is not valid" : bbr_mls_cc_err_postal_code
}
var sqPaymentForm = new SqPaymentForm({
// Replace this value with your application's ID (available from the merchant dashboard).
// If you're just testing things out, replace this with your _Sandbox_ application ID,
// which is also available there.
applicationId: 'sandbox-sq0idp-LM7Elz6g-4BoZS64z3ae4Q',
inputClass: 'sq-input',
cardNumber: {
elementId: 'sq-card-number',
placeholder: "0000 0000 0000 0000"
},
cvv: {
elementId: 'sq-cvv',
placeholder: 'CVC'
},
expirationDate: {
elementId: 'sq-expiration-date',
placeholder: 'MM / YY'
},
postalCode: {
elementId: 'sq-postal-code',
placeholder: 'Postal Code'
},
inputStyles: [
// Because this object provides no value for mediaMaxWidth or mediaMinWidth,
// these styles apply for screens of all sizes, unless overridden by another
// input style below.
{
fontSize: '14px',
padding: '3px'
},
// These styles are applied to inputs ONLY when the screen width is 400px
// or smaller. Note that because it doesn't specify a value for padding,
// the padding value in the previous object is preserved.
{
mediaMaxWidth: '400px',
fontSize: '18px',
}
],
callbacks: {
cardNonceResponseReceived: function(errors, nonce, cardData) {
if (errors) {
$("#loading-div-background").hide();
// var errorDiv = document.getElementById('errors');
// errorDiv.innerHTML = "";
var msg = '', sep = '';
errors.forEach(function(error) {
if (sqTranslations.hasOwnProperty(error.message)){
error.message = sqTranslations[error.message];
}
msg += sep + error.message;
sep = "<br>\n";
});
Lobibox.alert('error', {
"msg": msg
});
} else {
// This alert is for debugging purposes only.
// alert('Nonce received! ' + nonce + ' ' + JSON.stringify(cardData));
// Assign the value of the nonce to a hidden form element
var nonceField = document.getElementById('card-nonce');
nonceField.value = nonce;
// Submit the form
// document.getElementById('form').submit();
$('#btn_submit_form').trigger('click');

}
},
unsupportedBrowserDetected: function() {
// Alert the buyer that their browser is not supported
}
}
});
function submitButtonClick(event) {
$("#loading-div-background").show();
event.preventDefault();
sqPaymentForm.requestCardNonce();
}
</script>

Reply
0 Kudos
3,879 Views
Message 4 of 6
Report
Hampstead
‎10-13-2016 12:34 PM

In response to Hampstead

<style type="text/css">
.sq-input {
border: 1px solid #CCCCCC;
margin-bottom: 10px;
padding: 1px;
}
.sq-input--focus {
outline-width: 5px;
outline-color: #70ACE9;
outline-offset: -1px;
outline-style: auto;
}
.sq-input--error {
outline-width: 5px;
outline-color: #FF1010;
outline-offset: 0px;
outline-style: auto;
}

</style>

<div class="checkout">
<div class="checkout-header">
<h1 class="checkout-title">
Pay by Credit Card: $<div class="order_total">0.0</div>
<!-- <span class="checkout-price">$<div class="order_total">0.0</div></span> -->
</h1>
</div>

<div class="checkout-label checkout-card">Card Number:</div>
<div class="checkout-label checkout-exp">Exp:</div>
<div class="checkout-input checkout-card" id="sq-card-number"></div>
<div class="checkout-input checkout-exp" id="sq-expiration-date"></div>
<!--
<input type="text" class="checkout-input checkout-name" placeholder="Your name" autofocus>
<input type="text" class="checkout-input checkout-exp" placeholder="MM">
<input type="text" class="checkout-input checkout-exp" placeholder="YY">
-->
<!-- <input type="text" class="checkout-input checkout-card" placeholder="4111 1111 1111 1111"> -->
<div class="checkout-label checkout-postal">Postal Code:</div>
<div class="checkout-label checkout-cvc">CVC:</div>
<div class="checkout-input checkout-postal" id="sq-postal-code"></div>
<div class="checkout-input checkout-cvc" id="sq-cvv"></div>
<!-- <input type="text" class="checkout-input checkout-cvc" placeholder="CVC"> -->

<p>
<br>
<input type="hidden" id="card-nonce" name="squareNonce">

<button type="button" class="btn ehampstead_input_submit checkout-btn" id="card-nonce-submit" onclick="submitButtonClick(event)">&nbsp;&nbsp;Pay<span class="span_form_submit">></span></button>
<!-- <input type="submit" value="Purchase" class="checkout-btn"> -->
</p>
</div>
--------------------------

Your feedback will be appreciated.

Reply
0 Kudos
3,878 Views
Message 5 of 6
Report
Sean
Square
‎10-13-2016 01:43 PM

In response to Hampstead

@Hampstead - Our engineers recreated your website using your code and were able to successfully hit the `https://connect.squareup.com/v2/card-nonce` endpoint. In summary, there doesn't appear to be anything wrong with the code you submitted, and everything on our side is working as expected. They recommended that you look for potential issues in your server code or server configuration.


Sean
he/him/his
Product Manager | Square, Inc.
Reply
0 Kudos
3,873 Views
Message 6 of 6
Report
Anonymous

Square Community

Square Products

Resources

More

© 2025 Square, Inc.