Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums CodeIgniter 4 CodeIgniter 4 Support Payment gateway response URL not working
Payment gateway response URL not working
  • Offline anuragk
    Junior Member
  • **
  • Posts: 27
    Threads: 6
    Joined: Apr 2023
    Reputation: 0
#1
Question  05-15-2023, 01:32 AM

Hi,
I am trying to integrate the CCAvenue payment gateway into my project everything works but when I cancel the payment or the payment is successful, the payment gateway sends data to the response link for that I have created a function and route for that.
the function works when I call using the browser but when payment gateways try to redirect to that link, the payment gateway does not find the link and I get a 404 error by payment gateway, The page you're looking for cannot be found!

 I tried contacting the payment gateway and they say that the response page is not accessible by the payment gateway.

the routes I tried
Code:
$routes->post('response', 'Payment::paymentResponse');
or
$routes->match(['get', 'post'], 'response', [Payment::class, 'paymentResponse']);
Reply
  • Offline iRedds
    Senior Member
  • ****
  • Posts: 662
    Threads: 36
    Joined: Apr 2019
    Reputation: 45
#2
05-15-2023, 03:07 AM

If available in the browser. So everything works.
Maybe you are using a broken link for the gateway.
Or, for example, some of your global filters are blocking.
Reply
  • Offline anuragk
    Junior Member
  • **
  • Posts: 27
    Threads: 6
    Joined: Apr 2023
    Reputation: 0
#3
05-15-2023, 03:25 AM

(05-15-2023, 03:07 AM)iRedds Wrote: If available in the browser. So everything works.
Maybe you are using a broken link for the gateway.
Or, for example, some of your global filters are blocking.

yes, it's available in the browser.
what can be the issue?
Reply
  • Offline anuragk
    Junior Member
  • **
  • Posts: 27
    Threads: 6
    Joined: Apr 2023
    Reputation: 0
#4
05-15-2023, 11:18 AM

ok, it was the csrf filter causing a redirect so the CCAvenue gateway was unable to find the response page.
I disabled it and now everything works as expected.
but now the security is weak of course, so the question now is,
is there a way to just bypass csrf for the payment gateway response?

if not is there a way to send csrf value and key to the payment gateway and then receive the same and it will validate the post request?
I tried changing the csrf token name to one extra parameter which the payment gateway accepts and then I got the key and the value in the response but even then it didn't work, page was redirected and again response page was not found by the gateway response.

any help, how can we achieve this? without removing csrf filter?
Reply
  • Offline iRedds
    Senior Member
  • ****
  • Posts: 662
    Threads: 36
    Joined: Apr 2019
    Reputation: 45
#5
05-15-2023, 05:26 PM

CSRF uses cookies. The gateway will not send you cookies.
Disable the CSRF filter for this address.

Typically, payment gateways have mechanisms for verifying the data sent. This is basically enough.
Reply
  • Offline anuragk
    Junior Member
  • **
  • Posts: 27
    Threads: 6
    Joined: Apr 2023
    Reputation: 0
#6
05-15-2023, 11:08 PM

Thank you everyone for the reply.

the solution is to disable CSRF just for that particular route/link
for ex.


PHP Code:
public array $globals = [
        'before' => [
            'csrf' => ['except' => ['response']], 
Reply




Theme © iAndrew 2016 - Forum software by © MyBB