Be nice. Or else.
It's not. The only data exchanged between browser and server is an ID and a Stripe token for the credit card charge. The server pulls the price from a public JSON document, served over HTTPS. HTTPS is required so you don't get man-in-the-middled--I tried to enforce that as much as possible.
A few things:
I released an open source server designed to solve this problem. It will run for free on Heroku: https://json.expert/a-free-self-hosted-backend-for-stripe-checkout/
This is meant to be the simplest approach possible, allowing you to process transactions manually or collect donations.
If you were doing 100s of transactions per day or automating fulfillment, it would be more appropriate to invest in a full-featured back end.
Apologies, this is a re-post.
Cool stuff. I'd be interested to learn more about the underlying tech.
"available for 12 months following your AWS sign-up date"
Any recommendations for a replacement icon?
Sorry, I thought the "Show DN" would clarify.