The checkout form is not showing when embedded as an iframe OR x-frame options need to be made visible OR setting up CORS
1.1. Check X-frame options
Should your form be working fine when not embedded in an iframe, but stops working within the iframe, or if your webmaster has suggested that you need to make the x-frame options on the payment form visible, then you will need to do the following:
- Navigate to Setup > Develop > Sites. Click Edit next to the Payments form related site.
- Change the "Clickjack Protection Level" to "Don't allow framing by any page (Most protection)".
Then Go to Setup->Session Settings->Trusted Domains->Add Domain - Add Your website domain - *{yourwebsitedomain}".
NOTE the *.yourwebsite domain.
A common mistake is organisations add say https://mydomain.com, but there website actually uses https://www.mydomain.com (with the www. added, or some sites have removed the www.) Using the *.mydomain.com would cater for both scenarios.
1.2. Check you are using a secure URL
- Check the URL being used starts with"httpS://"(Not the "S" part). It has been the case with some organisations that when they've added the form to their website, they have missed this part.
- That the URL being used has ...secure.force.com.. in it (prior to Enhanced Domains Enablement), or ....salesforce-sites.com... (post Enhanced Domains Enablement [Jan 2023]) in it. Eg. "https://xxxxxx.my.salesforce-sites.com/"For more on this, check the setup procedure How to connect your new site to your Merchant Facility. MAKE sure the Base Site URL on the Merchant Facility is updated to have the secure URL.