Fixed insecure links in payment gateways.

Updated links for web payment software. Close #3048
opencart · May 27, 2015 · 9c86451 · 9c86451
1 parent 783e089
commit 9c86451
Show file tree

Hide file tree

Showing 5 changed files with 6 additions and 7 deletions.
diff --git a/upload/admin/controller/payment/amazon_checkout.php b/upload/admin/controller/payment/amazon_checkout.php
@@ -136,7 +136,7 @@ public function index() {
 
 		$data['action'] = $this->url->link('payment/amazon_checkout', 'token=' . $this->session->data['token'], 'SSL');
 
-		$data['cancel'] = $this->url->link('extension/payment', 'token=' . $this->session->data['token']);
+		$data['cancel'] = $this->url->link('extension/payment', 'token=' . $this->session->data['token'], 'SSL');
 
 		if (isset($this->request->post['amazon_checkout_merchant_id'])) {
 			$data['amazon_checkout_merchant_id'] = $this->request->post['amazon_checkout_merchant_id'];

diff --git a/upload/admin/controller/payment/amazon_login_pay.php b/upload/admin/controller/payment/amazon_login_pay.php
@@ -135,7 +135,7 @@ public function index() {
 
 		$data['action'] = $this->url->link('payment/amazon_login_pay', 'token=' . $this->session->data['token'], 'SSL');
 
-		$data['cancel'] = $this->url->link('extension/payment', 'token=' . $this->session->data['token']);
+		$data['cancel'] = $this->url->link('extension/payment', 'token=' . $this->session->data['token'], 'SSL');
 
 		if (isset($this->request->post['amazon_login_pay_merchant_id'])) {
 			$data['amazon_login_pay_merchant_id'] = $this->request->post['amazon_login_pay_merchant_id'];

diff --git a/upload/admin/controller/payment/securetrading_pp.php b/upload/admin/controller/payment/securetrading_pp.php
@@ -274,7 +274,7 @@ public function index() {
 
 		$data['action'] = $this->url->link('payment/securetrading_pp', 'token=' . $this->session->data['token'], 'SSL');
 
-		$data['cancel'] = $this->url->link('extension/payment', 'token=' . $this->session->data['token']);
+		$data['cancel'] = $this->url->link('extension/payment', 'token=' . $this->session->data['token'], 'SSL');
 
 		$data['header'] = $this->load->controller('common/header');
 		$data['column_left'] = $this->load->controller('common/column_left');

diff --git a/upload/admin/controller/payment/securetrading_ws.php b/upload/admin/controller/payment/securetrading_ws.php
@@ -275,7 +275,7 @@ public function index() {
 
 		$data['action'] = $this->url->link('payment/securetrading_ws', 'token=' . $this->session->data['token'], 'SSL');
 
-		$data['cancel'] = $this->url->link('extension/payment', 'token=' . $this->session->data['token']);
+		$data['cancel'] = $this->url->link('extension/payment', 'token=' . $this->session->data['token'], 'SSL');
 
 		$data['myst_status'] = !empty($data['securetrading_ws_csv_username']) && !empty($data['securetrading_ws_csv_password']);
 		$data['hours'] = array();

diff --git a/upload/admin/controller/payment/web_payment_software.php b/upload/admin/controller/payment/web_payment_software.php
@@ -78,9 +78,8 @@ public function index() {
 			'href' => $this->url->link('payment/web_payment_software', 'token=' . $this->session->data['token'], 'SSL')
 		);
 
-		$data['action'] = HTTPS_SERVER . 'index.php?route=payment/web_payment_software&token=' . $this->session->data['token'];
-
-		$data['cancel'] = HTTPS_SERVER . 'index.php?route=extension/payment&token=' . $this->session->data['token'];
+		$data['action'] = $this->url->link('payment/web_payment_software', 'token=' . $this->session->data['token'], 'SSL');
+		$data['cancel'] = $this->url->link('extension/payment', 'token=' . $this->session->data['token'], 'SSL');
 
 		if (isset($this->request->post['web_payment_software_login'])) {
 			$data['web_payment_software_merchant_name'] = $this->request->post['web_payment_software_merchant_name'];