New to the community? Welcome! Please read our Community Rules and Guidelines
I am setting up new subscription using PayPal's REST API v1 (the "/v1/billing/subscriptions" endpoint). When I am creating a new subscription for a customer I am having a problem: after a member approves the purchase and they get sent back to our website after approval, I have found that they are being sent twice to the return_url. I guess it can do this because the "initiator" script where it redirects from (" is still running after the initial redirect(?). This results in the first request being "canceled" in the web browser once the second request comes in. I am seeing the two requests in the developer tools regardless of which browser I use. This is problematic because the first page load (that was canceled from the user's perspective) will check that the subscription is approved at PayPal, update our database and send the user to the subscription landing page. The second page load (which is what the user sees) throws an error because it cannot do all those things.
I am adding a work-around to account for the two page loads, making the second page load wait and poll for the finalized order, then go to the landing page, or fail if the finalization does not happen in a reasonable amount of time. This is not ideal because I cannot react to any error that happen in the first request, plus it adds unnecessary complication. I feel like there should only be one post-approval redirect from PayPal and therefore one page load.
Is anyone else noticing this happening and what have you done about it? Is there a way to prevent the second redirect from PayPal?
Could there be an off chance the redirect is occurring on your server config? As in, paypal is trying to send the user to the "http" version of your url, and then your server bounces around to "https"? It was something that happened once for us as we force "https" urls for everything, and somehow paypal got a url with just "http" in front.
Just a thought. Might not be the case, but I've not seen paypal doing the redirect twice as you described.
Thanks for reading my question and your thoughtful response.
We do in fact force redirect from http to https in our setup, but those redirects happen pre-code and so do not affect the outcome. In the browser developer tool, I can see the (http -> https) 307 redirect for each one of the two requests in question, but only the https calls actually execute any code. Additionally, we are already running PayPal for one time purchases, and those are working fine (with that same http -> https 307 redirect) because I see only one post-payment-approval call. This issue only happens for the recurring billing/subscription approval returns.