Comparing changes

  • 5 commits
  • 1 file changed
  • 0 commit comments
  • 2 contributors
Commits on Mar 06, 2013
@radiosilence radiosilence Handling bad request properly. a134ae2
@radiosilence radiosilence Not using poor quality URL encode. 074e76f
@radiosilence radiosilence More robust error handling. a28544c
@radiosilence radiosilence Encode IPN data based on request from PayPal, otherwise
IPN will not work/there will be an encoding error. This
is better than simply encoding as UTF-8 as what the
data needs to be encoded as depends on the account settings.

We also have to set encoding on the request object in order
for Django to pick up that the encoding is whatever it is
as opposed to assuming it's UTF-8.
be5d477
@emesik Merge pull request #9 from DjangoAdminHackers/master
Robustness fixes (PayPal encoding and bad request handling)
30bb9cc
Showing with 16 additions and 6 deletions.
  1. +16 −6 mamona/backends/paypal/views.py
22 mamona/backends/paypal/views.py
@@ -1,4 +1,4 @@
-from django.http import HttpResponse, HttpResponseRedirect, HttpResponseNotFound
+from django.http import HttpResponse, HttpResponseRedirect, HttpResponseNotFound, HttpResponseBadRequest
from django.shortcuts import get_object_or_404, render
from django.views.decorators.csrf import csrf_exempt
@@ -35,11 +35,21 @@ def ipn(request):
See https://cms.paypal.com/us/cgi-bin/?&cmd=_render-content&content_ID=developer/e_howto_admin_IPNIntro
for details."""
# TODO: add some logging here, as all the errors will occur silently
- payment = get_object_or_404(Payment, id=request.POST['invoice'],
- status__in=('in_progress', 'partially_paid', 'paid', 'failed'),
- backend='paypal')
- data = list(request.POST.items())
- data.insert(0, ('cmd', '_notify-validate'))
+ try:
+ payment = get_object_or_404(Payment, id=request.POST['invoice'],
+ status__in=('in_progress', 'partially_paid', 'paid', 'failed'),
+ backend='paypal')
+ except (KeyError, ValueError):
+ return HttpResponseBadRequest()
+ charset = request.POST.get('charset', 'UTF-8')
+ request.encoding = charset
+ data = request.POST.dict()
+ data['cmd'] = '_notify-validate'
+
+ # Encode data as PayPal wants it.
+ for k, v in data.items():
+ data[k] = v.encode(charset)
+
udata = urlencode(data)
url = get_backend_settings('paypal')['url']
r = urllib2.Request(url)
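
Review bot: `charset` is taken directly from `request.POST` and passed to `request.encoding` and `v.encode(charset)` with no validation, and both uses sit outside the new `try` block. An unrecognised codec name raises `LookupError`, and a value the chosen codec cannot represent raises `UnicodeEncodeError`, so a malformed or forged notification yields an unhandled 500 instead of `HttpResponseBadRequest()`. Suggest checking the name first (for example with `codecs.lookup(charset)`) and returning `HttpResponseBadRequest()` on failure, with the encode loop covered by the same handling. Separately, `data = request.POST.dict()` followed by `data['cmd'] = '_notify-validate'` no longer guarantees that `cmd` comes first or that the remaining fields keep their received order, which the removed `data.insert(0, ('cmd', '_notify-validate'))` on a list did, and repeated keys now collapse to one value. PayPal's verification step expects the fields echoed back unchanged and in order after the `cmd` prefix, so keeping a list of pairs and encoding each value in that list would be safer. The TODO about logging still applies: each of these failure paths remains silent.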
