Disabled CSRF protection for IPN view#35
Open
anvio wants to merge 101 commits intojohnboxall:masterfrom
anvio:master
Open
Disabled CSRF protection for IPN view#35anvio wants to merge 101 commits intojohnboxall:masterfrom anvio:master
anvio wants to merge 101 commits intojohnboxall:masterfrom
anvio:master
Conversation
This reverts commit 6039d07. Partially. Conflicts: (apparently none) Some tweaking was required, this is a partial revert, to restore existance of: new file: standard/ipn/signals.py
PayPal uses an unspecified amount of decimals when returning an IPN with an exchange rate - this takes that into account! ALTER TABLE paypal_ipn ALTER COLUMN exchange_rate TYPE numeric(64, 16);
If the PayPal POST doesn't pass validation, we can't set flags to it without initializing. This still has the problem that the ipn object becomes empty, it should be populated with real data.
(cherry picked from commit 0e1f2c0)
…object rather than a boolean. Added support for manangeRecurringPaymentsProfileStatus.
…otes about possible signal changes.
…t for GetExpressCheckoutDetails
|
I also had to make this change and was about to submit my own pull request when I saw there is one already open. Seems to be a common problem: http://stackoverflow.com/questions/2580375/ipn-delivery-failed-http-error-code-403-forbidden Therefore, for what it's worth, I support this request. |
Author
|
You may want to have a look at the fork of dcramer |
|
Thanks, Anvio |
Fixes initialization of PayPalSharedSecretEncryptedPaymentsForm
…properly so the IPN was ignored, added new signal for failed subscriptions
On MySQL, ordering by date does not give the desired ordering of getting the most recently inserted row first. We need to order by the primary key too.
Making tests pass for standard.ipn for MySQL.
…l is never called by the code because this ipn has a txn_id
Added signals for recurring_payment_skipped and recurring_payment_failed
Fixed use of recurring_failed in the ipn_tests
The following payment status types are being added: - Canceled_Reversal - Refunded - Reversed - Voided The payment_status field in PayPalStandardBase is being modified. The max_length is now 17 to handle new types. Corresponding migrations for ipn and pdt exist. The following new IPN signals are being added: - payment_was_refunded - payment_was_reversed The following new methods are being added to PayPalStandardBase: - is_refund - is_reversed Added test for the new signals.
…lt of the postback verification to the PayPalPDTForm. When a PDT trnsaction is flagged, the flags set (if any) are not passed to the form that is used to update the pdt object. This commit fixes this issue.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
15 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
As of Django version 1.2 the CSRF protection is enabled by default. To make the IPN view work I had to disable the CSRF protection with the @csrf_exempt decorator .