Tagged: paypal ipn pdt update
September 12, 2012 at 9:32 pm #7388jfoppoliMember
I got a message from Paypal today saying that they are updating their IPN/PDT scripts. I would like to know how is this going to affect the eMember script and if you have any updates for when this happens. I am pasting the message I got below.
Dear Julio XXXXX,
In a bulletin dated October 18, 2011, we announced that we were going to expand the number of IP addresses for http://www.paypal.com to improve our site’s performance, scalability and availability. As part of this transition, we planned to discontinue support for HTTP 1.0 protocol starting February 1, 2013.
We have recently identified that this change may impact the ability of some of our merchants to perform IPN (Instant Payment Notification) post-back validation or PDT (Payment Data Transfer) posts to http://www.paypal.com. This happens when the IPN or PDT scripts use HTTP 1.0 protocol and do not include the “Host: http://www.paypal.com” header in the HTTP request.
Starting February 1, 2013, we will require all incoming requests to have a “Host” header which complies with HTTP 1.1 Specifications. This header was not required under HTTP 1.0. IPN and PDT scripts using HTTP 1.0 may start failing with “HTTP/1.0 400 Bad Request” errors after February 1, 2013, which will result in IPN messages not being validated successfully, or PDT scripts not being able to retrieve transaction information.
Action Required before February 1, 2013
Merchants need to update their IPN and/or PDT scripts to use HTTP 1.1, and include the “Host” header in the IPN postback script.
//Set values for the request back
// post back to PayPal system to validate
$header .=”POST /cgi-bin/webscr HTTP/1.1rn”;
$header .=”Content-Type: application/x-www-form-urlencodedrn”;
$header .=”Host: ‘www.paypal.comrn’;;
HttpsURLConnection uc=(HttpsURLConnection) u.openConnection(); uc.setDoOutput(true);
The PayPal Sandbox has been configured to reject any HTTP requests without the “Host” header with HTTP 400 error. Merchants can use the Sandbox environment to certify the changes to their IPN and PDT scripts.
For more information on PDT and IPN, please refer to http://www.paypal.com/pdt and http://www.paypal.com/ipn. For additional information or questions about this change, please contact PayPal’s Merchant Technical Support team via https://www.paypal.com/mts.
PayPalSeptember 12, 2012 at 10:26 pm #49257PeterMember
Thanks for the info.
Rest assured when it comes to updates and testing we are quite pro-active and if and when the time comes that something needs changing we will update our plugins.
As per usual you can then upload the latest version by following the procedure as per:September 19, 2012 at 9:36 pm #49258jerry123Member
What versions of wp-eStoreuse HTTP 1.1 and use the HOST header as described in the email above? I’m running version 5.5.6 and I’d like to know if I should upgrade before 2/13/12 when PayPal makes this change.
Best, JerrySeptember 19, 2012 at 11:14 pm #49259PeterMember
For starters you should probably upgrade anyway because you have an old version of eStore.
Please follow these instructions to upgrade:
Regarding any changes to eStore to reflect PayPal’s email, I’ll let Admin answer that.September 20, 2012 at 5:30 pm #49260jerry123Member
Thanks Peter. I’ll do that. In the meantime, my client has been pressing me for a plan of action, and my guess is that any wp-estore user that uses paypal would be wondering the same thing.
Thanks again, JerrySeptember 21, 2012 at 7:33 am #49261adminKeymaster
Hi Jerry, current version of eStore already use HTTP1.1 so if you update eStore anytime before February 1, 2013 you are good.
- You must be logged in to reply to this topic.