Rails - Paypal 安全问题
我正在尝试处理交易付款。目前,我正在控制器的方法中重定向到 paypal url,并传入 url 中的变量。 Paypal 似乎将其转换为安全 - https://www.sandbox.paypal.com/cgi-bin/webscr?cmd=_flow&SESSION=lUAK-18U7c_uxbs0wYsKTqcO7tDjb9M4O2A0hqd4gsKhEyhlC0xCxFabBL8&dispatch=50a222a57771920b6a3d7b60 6239e4d529b525e0b7e69bf0224adecfb0124e9b61f737ba21b081983b975b35e10fe14fd9a7167ca5aec13b
摘要: 用户表单 ->控制器方法->重定向到带有变量的 Paypal URL
这有多安全?在 Paypal 将其转换为安全格式之前,用户是否可以访问我重定向到的网址?我是否需要实施此 Rails Cast 上建议的加密 - http://asciicasts.com/episodes /143-paypal-security
我认为我需要,但如果不需要,我宁愿不这样做。
谢谢!
I'm trying to process a payment for a transaction. Currently I'm redirecting to a paypal url in a controller's method and passing in the variables in the url. Paypal seems to convert this to secure it - https://www.sandbox.paypal.com/cgi-bin/webscr?cmd=_flow&SESSION=lUAK-18U7c_uxbs0wYsKTqcO7tDjb9M4O2A0hqd4gsKhEyhlC0xCxFabBL8&dispatch=50a222a57771920b6a3d7b606239e4d529b525e0b7e69bf0224adecfb0124e9b61f737ba21b081983b975b35e10fe14fd9a7167ca5aec13b
Summary:
User Form -> Controller Method -> Redirected to Paypal URL with variables
How secure is this? Can users access the url I'm redirecting to before Paypal converts it to a secure format? Do I need to implement the encryption recommended on this rails cast - http://asciicasts.com/episodes/143-paypal-security
I'm thinking I need to, but would rather not if it's not needed.
Thanks!
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
不确定您的安全问题,但您可能想看看 ActiveMerchant。它涵盖了大多数类型的 Paypal 付款方式,并且非常易于使用。
Not sure on your security question, but you may want to take a look at ActiveMerchant. It covers most types of Paypal payments, and is really easy to work with.