Changelog
We periodically release new versions of the VGS Show.js library whenever we make changes.
Version 2.2.2 (02/19/2025)
Fixed vulnerabilities.
Added validation rules for post messages.
Added
routeIdattribute support.
Version 2.2.1 (04/23/2024)
Fixed vulnerabilities.
Added CSP rules to the iframe to improve security.
Version 2.2.0 (03/05/2024)
Added CSP rules to the iframe to improve security.
Fixed security vulnerabilities.
Version 2.1.1 (12/07/2023)
Fixed the error message when the vault environment is not specified.
Version 2.1.0 (03/06/2023)
Added the
.retry()method to the frame, which allows retrying the HTTP request whenever possible.Added the
.unmount()method to the frame, which removes an iframe from the DOM and clears all internal references to the frame.
Version 2.0.2 (11/02/2022)
Fixed a looping issue that occurred in some cases and affected browser performance.
Version 2.0.1 (07/07/2022)
Fixed an issue where unescaped characters would be missing.
Version 2.0.0 (05/25/2022)
Fixed vulnerabilities.
Added
.setEnvironment(),setCname()methods.
Version 1.5 (12/10/2021)
Added the ability to send HTTP requests with the
FormData().Added
.on()/.off()listeners for the following events:requestSuccess,requestFail,revealSuccess,revealFail.
Version 1.4 (09/29/2021)
Added
withCredentialsparameter to the.request()method, which indicates that the request should be made using credentials.Fixed the bug related to revealing the same payload (tokens) for different
.request()methods.
Version 1.3
Added the ability to reveal the same payload (tokens) for different
.request()methods in one HTTP request.
Ensuring Script Integrity for PCI Compliance
With the introduction of PCI DSS version 4.0, a new requirement has been put forth to ensure the integrity of scripts that run on payment pages. Script Integrity is crucial in maintaining the security and trustworthiness of online payment systems, as any unauthorized modifications to these scripts could potentially lead to data breaches or fraudulent activities. To meet this requirement, organizations must implement mechanisms to verify the integrity of each script utilized on their payment pages.
With the introduction of PCI DSS version 4.0, a new requirement has been put forth to ensure the integrity of scripts that run on payment pages. Script Integrity is crucial in maintaining the security and trustworthiness of online payment systems, as any unauthorized modifications to these scripts could potentially lead to data breaches or fraudulent activities. To meet this requirement, organizations must implement mechanisms to verify the integrity of each script utilized on their payment pages.
2.2.2
sha384-70nFlhYfZpPZ0nh4E9kRCT2HXORAKatDFQXQP8Dxq8motfd35aSMMu9g6VE/oAIV
2025-02-19T21:47:04.000Z
2.2.1
sha384-3qbYQie/bJEfQqq3px5LohJx5u+54dTKUNKCF0zkBT+vYXFbpkLeOuCCjzMasktv
2024-04-23T12:26:34.000Z
2.2.0
sha384-kiKDirXBU4edzCB0t+i6LU3wL/gMlT51nn2yAKHvNzr+58J21OfT3U2JscAjRAX5
2024-03-04T20:32:03.000Z
2.1.1
sha384-KWsP3JIZ6Ah1oXbWCWm0fPWiLN/pFcc87anUK0bJgzGuCz6D6v15jFHTLh7rBD6z
2023-12-07T23:17:12.000Z
2.1.0
sha384-/7dRxL0Sb3hPx9vbg++zZuWs/U93E1RLkDgS0lwec9/o6O6zYk78Iuyb3Yo81sxw
2023-03-02T19:57:23.000Z
2.0.2
sha384-7lKpSwOH/giA4p/b7gWoGlMY2FRTJEBl21jfvoVJpM0UaQ2QDnGIzh+GukBXwgY/
2022-11-03T00:06:02.000Z
2.0.1
sha384-gfVmNUvPv/BVhaWuDPOpY0P/Rm81k2vQGTCkpdYcJQY0a+zu4VEkU18oivxqLc6o
2022-07-07T18:14:24.000Z
2.0.0
sha384-QmcoNvWg9HhC0IWzfKCSex519X+jecicvODmON+B3XLuFhqTsue40GRoL8Em6Y/q
2022-05-25T22:38:13.000Z
Example:<script type="text/javascript" src="https://js.verygoodvault.com/vgs-show/2.2.2/show.js" integrity="sha
Migrating from VGS Show.js v1 to v2
Migration Guide
For the Show.js v2, it's required to additionally set the vault environment: sandbox, live.
Integration examples
v1:
const show = VGSShow.create('<VAULT_ID>', function(state) {})
.setEnvironment('<ENVIRONMENT>');
v2:
const show = VGSShow.create('<VAULT_ID>', function(state) {})
.setEnvironment('<ENVIRONMENT>')
.setCname('my-cname.com');
Last updated