It's not. The only data exchanged between browser and server is an ID and a Stripe token for the credit card charge. The server pulls the price from a public JSON document, served over HTTPS. HTTPS is required so you don't get man-in-the-middled--I tried to enforce that as much as possible.
I have a custom static shop, made using Jekyll and Snipcart. I really like your version, but it doesn't have support for stock! I am this close to paying for Shopify to take care of stock for me (and shipping, &c).
Excellent solution you've made though, bookmarking for when I create digital goods.
I am probably going to be putting this to great use soon. Thanks so much for building this and open sourcing it!
Love the 'wobble' on the payment form when you give incorrect information. Lovely!
Just to be pedantic, that's a Stripe thing and not a feature of this, but I agree it is very nice! Stripe's payment flow is genuinely fun because of all the nice animations and stuff.
LOVE the Stripe checkout integration. Great job!