If uMatrix is installed and whitelisting the domain is not enough, you should have a look at a thread I opened for a similar issue a couple days ago:
Broken payment form.
While investigating further to prepare a detailed bug report, I noticed that an option of uMatrix stayed active despite disabling content filtering on the domain: HTTP referrer spoofing when requests come from third-party websites. By disabling this behaviour for the gog.com domain, everything is back on tracks. I got tricked because I thought whitelisting the domain would disable all of uMatrix behaviours, but I noticed the change by fully disabling the extension instead.
For other people using uMatrix, here is the rule to add to ensure the payment form works as expected:
referrer-spoof: gog.com false
---
Ice_Mage: 1. Enter
about:profiles into the address bar.
2. Create a new profile. It will be set as the default, so first set your old profile as default again.
3. Then launch the new profile in a new window and check if the problem persists there.
Beware that on some setups, some extensions can still be active even in a new profile. This is the case if you run Debian and some extensions are installed from the distribution repositories rather than from Mozilla extensions store. This is what prevented me to notice quickly that uMatrix was the cause of the issue in my case.
