by llambda 5283 days ago
As I understand Stripe, if a user doesn't have JS enabled you shouldn't be displaying the form. The idea is that the Stripe JS SDK pulls the values out of the form and then returns a tokenized representation of the payment which is processed on the backend. Thus the server never actually handles payment credentials directly, i.e. your cc and such are not POSTed to the backend. I think this is how they get around some of the more stringent PCI compliance requirements.
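The flow described in the comment above only holds if raw card fields never reach the backend, for example when the form is submitted without JS having run. The following is an added example, not part of the original comment and not Stripe's code: a server-side guard that rejects a checkout POST carrying a card number and accepts only a token. The field names (`stripeToken`, `card_number`, `amount`) and the sample bodies are assumptions constructed for illustration.

```javascript
// Luhn checksum over a string of ASCII digits (rightmost digit is position 0).
function luhnValid(digits) {
  let sum = 0;
  for (let i = 0; i < digits.length; i++) {
    let d = digits.charCodeAt(digits.length - 1 - i) - 48;
    if (i % 2 === 1) { d *= 2; if (d > 9) d -= 9; }
    sum += d;
  }
  return sum % 10 === 0;
}

// A value is treated as a card number (PAN) if, after removing spaces and
// dashes, it is 13-19 digits long and passes the Luhn check.
function looksLikePan(value) {
  const digits = value.replace(/[\s-]/g, '');
  return /^\d{13,19}$/.test(digits) && luhnValid(digits);
}

// Inspect a form-encoded POST body. Every field is scanned, so a PAN is
// caught regardless of what the input happens to be named.
function checkCheckoutPost(rawBody) {
  const params = new URLSearchParams(rawBody);
  const leaked = [];
  for (const [name, value] of params) {
    if (looksLikePan(value)) leaked.push(name);
  }
  if (leaked.length > 0) {
    // Report field names only; never log or echo the offending values.
    return { ok: false, reason: 'raw-card-data', fields: leaked };
  }
  const token = params.get('stripeToken'); // assumed field name
  if (!token) return { ok: false, reason: 'missing-token', fields: [] };
  return { ok: true, token };
}

// Constructed sample bodies: a tokenized submit and a no-JS fallback submit.
const tokenized = 'stripeToken=tok_constructed123&amount=1000';
const fallback = 'card_number=4242+4242+4242+4242&cvc=123&amount=1000';
console.log(checkCheckoutPost(tokenized));
console.log(checkCheckoutPost(fallback));
```

Leaving the `name` attribute off the card inputs keeps the browser from submitting them at all; this guard is the backstop for when that is missed.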