- This topic has 5 replies, 4 voices, and was last updated 11 years, 2 months ago by
.
-
Posts
-
Hi,
I got a message from Paypal today saying that they are updating their IPN/PDT scripts. I would like to know how is this going to affect the eMember script and if you have any updates for when this happens. I am pasting the message I got below.
Thanks,
Julio
Dear Julio XXXXX,
In a bulletin dated October 18, 2011, we announced that we were going to expand the number of IP addresses for http://www.paypal.com to improve our site’s performance, scalability and availability. As part of this transition, we planned to discontinue support for HTTP 1.0 protocol starting February 1, 2013.
We have recently identified that this change may impact the ability of some of our merchants to perform IPN (Instant Payment Notification) post-back validation or PDT (Payment Data Transfer) posts to http://www.paypal.com. This happens when the IPN or PDT scripts use HTTP 1.0 protocol and do not include the “Host: http://www.paypal.com” header in the HTTP request.
Additional Details
Starting February 1, 2013, we will require all incoming requests to have a “Host” header which complies with HTTP 1.1 Specifications. This header was not required under HTTP 1.0. IPN and PDT scripts using HTTP 1.0 may start failing with “HTTP/1.0 400 Bad Request” errors after February 1, 2013, which will result in IPN messages not being validated successfully, or PDT scripts not being able to retrieve transaction information.
Action Required before February 1, 2013
Merchants need to update their IPN and/or PDT scripts to use HTTP 1.1, and include the “Host” header in the IPN postback script.
Example:
ASP
//Set values for the request back
req.Method=”POST”;
req.Host=”‘www.paypal.com'”;
req.ContentType=”application/x-www-form-urlencoded”;
Perl
$req=HTTP::Request->new(‘POST’, ‘https://www.paypal.com/cgi-bin/webscr’);
$req->content_type(‘application/x-www-form-urlencoded’);
$req->header(Host=> ‘www.paypal.com’);
PHP
// post back to PayPal system to validate
$header .=”POST /cgi-bin/webscr HTTP/1.1rn”;
$header .=”Content-Type: application/x-www-form-urlencodedrn”;
$header .=”Host: ‘www.paypal.comrn’;;
Java
HttpsURLConnection uc=(HttpsURLConnection) u.openConnection(); uc.setDoOutput(true);
uc.setRequestProperty(“Content-Type”,”application/x-www-form-urlencoded”); uc.setRequestProperty(“Host”,;’www.paypal.com’
; The PayPal Sandbox has been configured to reject any HTTP requests without the “Host” header with HTTP 400 error. Merchants can use the Sandbox environment to certify the changes to their IPN and PDT scripts.
For more information on PDT and IPN, please refer to http://www.paypal.com/pdt and http://www.paypal.com/ipn. For additional information or questions about this change, please contact PayPal’s Merchant Technical Support team via https://www.paypal.com/mts.
Sincerely,
PayPal
Hi,
Thanks for the info.
Rest assured when it comes to updates and testing we are quite pro-active and if and when the time comes that something needs changing we will update our plugins.
As per usual you can then upload the latest version by following the procedure as per:
https://support.tipsandtricks-hq.com/forums/topic/re-install-or-load-a-fresh-build-of-the-plugins
Hi Peter,
What versions of wp-eStoreuse HTTP 1.1 and use the HOST header as described in the email above? I’m running version 5.5.6 and I’d like to know if I should upgrade before 2/13/12 when PayPal makes this change.
Best, Jerry
Hi Jerry,
For starters you should probably upgrade anyway because you have an old version of eStore.
Please follow these instructions to upgrade:
https://support.tipsandtricks-hq.com/forums/topic/re-install-or-load-a-fresh-build-of-the-plugins
Regarding any changes to eStore to reflect PayPal’s email, I’ll let Admin answer that.
Thanks Peter. I’ll do that. In the meantime, my client has been pressing me for a plan of action, and my guess is that any wp-estore user that uses paypal would be wondering the same thing.
Thanks again, Jerry
- You must be logged in to reply to this topic.