DEV Community

Discussion on: Integrate a Stripe Payment with React

cjav_dev profile image
CJ Avilla • Edited on

Thanks for sharing, @hajarnasr !

One thing I noticed was that passing the price value from the client would allow anyone to modify the value on the client side to pay whatever they want. This looks like a great way to handle donations where the customer pays what they want.

To avoid that vulnerability and ensure tight control over the price that customers pay, I'd pass reference to the items they are purchasing from the client and lookup the price value on the server.

Another note, stripe.createToken is older and doesn't support SCA, a feature you'll want in order to accept payments from someone in EU. Instead, I'd recommend using stripe.createPaymentMethod on the frontend and PaymentIntents on the server (instead of Charges).

hajarnasr profile image
Hajar | هاجر Author

Thanks so much for your helpful comment. @cjav_dev 🙂