Invalid Signature in some cases

Created on 30 April 2024, 7 months ago

Updated 8 May 2024, 7 months ago

Problem/Motivation

In some case (URL is configured in subdirectorie : www.exemple.com/exemple/ ), a "q" parameter get is added by drupal after redirect paybox to a commerce site. When the module verifies the signature, this error occures : Invalid Signature because there is a new parameter "q=".

Steps to reproduce

Proposed resolution

I propose this solution :

--- SignatureChecker.php.origin 2024-04-30 09:40:48.066264000 +0200
+++ SignatureChecker.php 2024-04-30 09:41:17.065182000 +0200
@@ -39,6 +39,9 @@
if ('Signature' === $key) {
continue;
}
+ if ('q' === $key) {
+ continue;
+ }
$args[] = $key . '=' . urlencode($value);
}

Remaining tasks

User interface changes

API changes

Data model changes

Thanks

🐛 Bug report

Status

Needs review

Version

1.0

Component

Code

Created by

🇫🇷France ubobrest

Live updates comments and jobs are added and updated live.

Comments & Activities

Issue created by @ubobrest
Comment 7 months ago →
🇫🇷France ubobrest
ubobrest → changed the visibility of the branch 3444293-invalid-signature-in to hidden.
Status changed to Needs review 7 months ago8:43am 8 May 2024
Comment 7 months ago →
adelgado12
Hi @ubobrest

Thanks for you contribution
I was unable to create a merge request from your branch, so i create here https://git.drupalcode.org/project/commerce_paybox_payment/-/merge_reque...

contrib.social Blog FAQ Discussions

Production build 0.71.5 2024