最近学习一个flask项目,最后支付环节出问题,跳转到支付宝的接口后一直报
Cross-Origin Read Blocking (CORB) blocked cross-origin response,
还有
A cookie associated with a cross-site resource at was set without the SameSite
attribute. A future release of Chrome will only deliver cookies with cross-site requests if they are set with SameSite=None
and Secure
. You can review cookies in developer tools under Application>Storage>Cookies and see more details at and .
要么就显示系统繁忙,请稍后重试
自己上网搜问题做过下面的处理
1.chrome://flags 中修改**SameSite by default cookie**s和**Cookies without SameSite must be secure**两项为disabled
2.安装cors包,初始化app**CORS(app, supports_credentials=True)**
以上均没有效果
下面是代码
# 创建支付宝sdk的工具对象
alipay_client = AliPay(
appid="2016102100733966",
app_notify_url=None, # 默认回调url
app_private_key_string=open(os.path.join(os.path.dirname(__file__), "keys/app_private_key.pem"), "r").read(),
# 私钥
alipay_public_key_string=open(os.path.join(os.path.dirname(__file__), "keys/alipay_public_key.pem"), "r").read(),
# 支付宝的公钥,验证支付宝回传消息使用,不是你自己的公钥,
sign_type="RSA2", # RSA 或者 RSA2
debug=True # 默认False
)
# 手机网站支付,需要跳转到https://openapi.alipaydev.com/gateway.do? + order_string
order_string = alipay_client.api_alipay_trade_wap_pay(
out_trade_no=order.id, # 订单编号
total_amount=str(order.amount / 100.0), # 总金额
subject="爱家租房 %s" % order.id, # 订单标题
return_url="http://192.168.10.110:5000/paycomplete.html", # 返回的连接地址
notify_url=None # 可选, 不填则使用默认notify url
)
# 构建让用户跳转的支付连接地址
pay_url = alipay_client._gateway + "?" + order_string
return jsonify(errno=RET.OK, errmsg="OK", data={"pay_url": pay_url})
前端js
$.ajax({
url: "/api/v1.0/orders/" + orderId + "/payment",
type: "post",
dataType: "json",
headers: {
"X-CSRFToken": getCookie("csrf_token"),
},
success: function (resp) {
if ("4101" == resp.errno) {
location.href = "/login.html";
} else if ("0" == resp.errno) {
// 引导用户跳转到支付宝连接
location.href = resp.data.pay_url;
}
}
});