Hacker News new | ask | show | jobs
by encoderer 4187 days ago
It must've been broken on the server too then? I call BS...

The way stripe checkout works, that token is passed to your server and you do an API request to stripe with the token. The token merely represents your card. The charge is done on the server.

I'll take the downvote rather than pile-on with criticism that is almost certainly misplaced. I find it very unlikely the GP downloaded the movie for free. If i'm wrong, I'll gladly retract, but the presence of the test key in the comments is hardly an indication that it'll work on the server.
1 comments
mrtron 4187 days ago
It looks like the secret code was the test code, which accepts test cards:

4242424242424242 for Visa

And rejects test cards:

card_declined: Use this special card number - 4000000000000002.

link
sah88 4187 days ago
You would think if you're using the live secret code server side it would reject charge tokens coming from the public test code.

edit: To be clear I haven't tested this and don't have time today with xmas and such.

link
encoderer 4187 days ago
Like sah88 says, on the server when you connect to Stripe with your prod secret key, it will reject tokens made on your test key.
link