Page Comparison

function getForm($token)
{
    $api_url = "https://core.fairandsmart.com/api";
    $organisation_id = "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX";
    $model_id_or_alias = "YYYYYYYY-YYYY-YYYY-YYYY-YYYYYYYYYYYY";
    $user_id = "test fns";
    $callback = "https://www.fairandsmart.com";
    $iframe_event_target_origin = "http://localhost:8080";
    $body = "";
    
    $body = $body . "userid=" . $user_id;
    $body = $body . "&callback=" . $callback;
    $body = $body . "&iframe-events-target-origin=" . $iframe_event_target_origin;
    $curl = curl_init();

    curl_setopt_array($curl, array(
        CURLOPT_URL => $api_url . "/organisations/" . $organisation_id . "/consents/" . $model_id_or_alias . "/endpoint",
        CURLOPT_RETURNTRANSFER => true,
        CURLOPT_ENCODING => "",
        CURLOPT_MAXREDIRS => 10,
        CURLOPT_TIMEOUT => 30,
        CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
        CURLOPT_CUSTOMREQUEST => "POST",
        CURLOPT_POSTFIELDS => $body,
        CURLOPT_HTTPHEADER => array(
            "Authorization: Bearer $token",
            "Content-Type: application/x-www-form-urlencoded",
        ),
    ));

    $response = curl_exec($curl);
    $err = curl_error($curl);

    curl_close($curl);

    if ($err) {
        echo "cURL Error #:" . $err;
    } else {
        $url = json_decode($response)->endpoint;
    }

    return $url;
}

<html>
    <body>
        <script type="application/javascript">
            window.addEventListener("message", messageListener, false);
            function messageListener(event) {
                console.log(event);
                if (event.data.startsWith('consent-receipt-callback/')) {
                    const callbackurlback = event.data.replace('consent-receipt-callback/', '');
                    window.location.assign(callbackurlback);
                }
            }
        </script>    
        <iframe width="700" height="500" src="<?php echo getForm(getToken()) ?>"></iframe>
    </body>
</html>