CSRF token missing when trying to verify IPN message
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I reply to the sandbox url with the same message I get from the IPN (prefixed with cmd=_notify-validate)
and this error comes back from the paypal server:
status code/message: Forbidden (403)
body: {"coBrand":"us","currentYear":2018,"viewName":"response500","showFooter":{"type":"imageAndContent"},"rootTxn":{"name":"signin_csrftoken_error","data":{"msg":"CSRF error: CSRF token missing"},"status":"0"},"csrfError":true,"genericErrorCode":"cookieDisabled"}
When I sniffed with Chrome dev tools or Fiddler the request coming out of IPN simulator I've noticed that a csrf_token is presend both as a header and on the body.
But the message that gets to my IPN listener eventually doesn't contain it.
What could be the problem?
- Labels:
-
Payments REST APIs
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
SOLVED.
I was converting the body of the message received from the IPN into JSON, and when converting it back to a x-form-urlencoded I had a bug.
I guess paypal server misplaced it as a different kind of message and was requesting a CSRF token.
Haven't Found your Answer?
It happens. Hit the "Login to Ask the community" button to create a question for the PayPal community.
- IPN works in sandbox but not live in Sandbox Environment
- When I do PayPal capture Order, I keep on getting Invalid Request Connection in REST APIs
- PAYMENT.SALE.COMPLETED signature verification failed in sandbox mode in REST APIs
- I Have PayPal API Billing Authentication Failure Python-Flask in REST APIs
- Need Help Upgrading to PayPal complete payments in PayPal Upgrade Community