Just clinet side code secure ?

Go to solution
daslicht
Contributor
Contributor
Posted on
‎Aug-01-2018 02:48 AM

Hi,

I saw this ReST example here:

https://developer.paypal.com/demo/checkout/#/pattern/confirm

It totally relies on teh client side code.

How to get sure that a user not just change the total amount without server side validation before executing the payment?

Someone suggested me just to call my server just before calling  actions.payment.execute() but that doesnt seam to be safe either.

The user could just remove that validation call cleint side?! 

 

Is there a way to enable origin checking on paypal ?

 

Best Regards

Marc

 

 

Login to Me Too
0 Kudos
Login to Reply or Kudo
1 ACCEPTED SOLUTION

Accepted Solutions
Solved

Go to solution
daslicht
Contributor
Contributor
‎Aug-08-2018 01:57 AM

Short answer, no. 

 

Anyone who knows how to edit clinet side code can change the price to his/her liking.

View solution in original post

Login to Me Too
0 Kudos
Login to Reply or Kudo
1 REPLY 1
Solved

Go to solution
daslicht
Contributor
Contributor
‎Aug-08-2018 01:57 AM

Short answer, no. 

 

Anyone who knows how to edit clinet side code can change the price to his/her liking.

Login to Me Too
0 Kudos
Login to Reply or Kudo

Haven't Found your Answer?

It happens. Hit the "Login to Ask the community" button to create a question for the PayPal community.