Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
com.razorpay.cordova
Advanced tools
Official Cordova/Phonegap plugin for integrating Razorpay's checkout.
You can check out the sample apps for:-
Install the plugin
Note: For Windows users, please run this on Git Bash instead of Command Prompt. You can download Git for Windows here.
cd your-project-folder
cordova platform add android # optional
cordova platform add ios # make sure your ios version is ios@5 or latest.
cordova platform add browser # optional
cordova plugin add https://github.com/razorpay/razorpay-cordova.git --save
(or, phonegap plugin add https://github.com/razorpay/razorpay-cordova.git --save
)
Note: Make sure that you set Always Embed Swift Standard Libraries of your main target to yes.
Note: Remember to enable bitcode on your iOS project. We support Xcode 11+ versions.
With the advent of auto-capture
using Order API, the integration needs to change a little (only if you are using this flow). The only change is that the callbacks have to be added as events. Here is a code sample:
var options = {
description: 'Credits towards consultation',
image: 'https://i.imgur.com/3g7nmJC.png',
currency: 'INR',
key: 'rzp_test_1DP5mmOlF5G5ag',
order_id: 'order_7HtFNLS98dSj8x',
amount: '5000',
name: 'foo',
theme: {
color: '#F37254'
}
}
var successCallback = function(success) {
alert('payment_id: ' + success.razorpay_payment_id)
var orderId = success.razorpay_order_id
var signature = success.razorpay_signature
}
var cancelCallback = function(error) {
alert(error.description + ' (Error '+error.code+')')
}
RazorpayCheckout.on('payment.success', successCallback)
RazorpayCheckout.on('payment.cancel', cancelCallback)
RazorpayCheckout.open(options)
Change the options accordingly. Supported options can be found here.
We also support displaying wallets like Citrus and Paytm, which are currently not a part of the standard Razorpay offering. After the user chooses which one of these they want, control is handed back to you with data like wallet name, contact and email of the user. This helps you take the next steps towards facilitating the payment and Razorpay's role in that payment cycle ends there.
To add a wallet, change the options
JSON as follows:
var options = {
currency: 'INR',
key: 'rzp_test_1DP5mmOlF5G5ag',
amount: '5000',
external: {
wallets: ['paytm']
},
...
...
...
}
To get callback for this, add this before calling open
:
RazorpayCheckout.on('payment.external_wallet', externalWalletCallback)
This is legacy integration code and we will continue to support it till further notice. Your server needs to send capture request in this scenario, after the payment is completed.
var options = {
description: 'Credits towards consultation',
image: 'https://i.imgur.com/3g7nmJC.png',
currency: 'INR',
key: 'rzp_test_1DP5mmOlF5G5ag',
amount: '5000',
name: 'foo',
theme: {
color: '#F37254'
}
}
var successCallback = function(payment_id) {
alert('payment_id: ' + payment_id)
}
var cancelCallback = function(error) {
alert(error.description + ' (Error '+error.code+')')
}
RazorpayCheckout.open(options, successCallback, cancelCallback)
It is recomended that you read this first before proceeding with this section
Since our plugin launches a new activity on Android, the cordova activity goes in the background and might get destroyed by the Android System. For this scenario, you need to add the following code to make sure the payment result is delivered after the cordova activity is recreated:
// You need to register an event listener for the `resume` event
document.addEventListener('resume', onResume, false);
var onResume = function(event) {
// Re-register the payment success and cancel callbacks
RazorpayCheckout.on('payment.success', successCallback)
RazorpayCheckout.on('payment.cancel', cancelCallback)
// Pass on the event to RazorpayCheckout
RazorpayCheckout.onResume(event);
};
Add the integration code snippet after deviceready
event.
On browser platform, change the Content Security Policy to whitelist the razorpay.com
domain.
<meta http-equiv="Content-Security-Policy" content="default-src 'self' https://*.razorpay.com data: gap: https://ssl.gstatic.com 'unsafe-eval'; style-src 'self' 'unsafe-inline'; media-src *">
ionic serve
at the moment. Try using ionic run browser
instead of ionic serve
. ionic serve
doesn't support cordova browser plugins at the moment. See driftyco/ionic-cli#354.If you are still not able to integrate, then go to FAQ.
We don't support capacitor because of the app support dependency, for more details go through this link.
FAQs
Cordova/Phonegap bindings for Razorpay's Mobile SDKs
The npm package com.razorpay.cordova receives a total of 101 weekly downloads. As such, com.razorpay.cordova popularity was classified as not popular.
We found that com.razorpay.cordova demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 6 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.