Integration recommendations (RPP)
- Do not use the Redirect Payment Page in an iFrame.
To protect merchants and consumers PayU subscribes to the Open Web Application Security Project's (OWASP - https://www.owasp.org) group of standards, whose mission is to make software security visible so that individuals and organizations worldwide can make informed decisions about true software security risks.PayU does not recommend merchants develop their solution with the payment page in an iFrame as it poses a security risk to their customers due to various reasons, clickjacking being the more recent and notorious one - https://www.owasp.org/index.php/Cross_Frame_Scripting