Invalid Signature in some cases

Created on 30 April 2024, 8 months ago
Updated 8 May 2024, 8 months ago

Problem/Motivation

In some case (URL is configured in subdirectorie : www.exemple.com/exemple/ ), a "q" parameter get is added by drupal after redirect paybox to a commerce site. When the module verifies the signature, this error occures : Invalid Signature because there is a new parameter "q=".

Steps to reproduce

Proposed resolution

I propose this solution :

--- SignatureChecker.php.origin 2024-04-30 09:40:48.066264000 +0200
+++ SignatureChecker.php 2024-04-30 09:41:17.065182000 +0200
@@ -39,6 +39,9 @@
if ('Signature' === $key) {
continue;
}
+ if ('q' === $key) {
+ continue;
+ }
$args[] = $key . '=' . urlencode($value);
}

Remaining tasks

User interface changes

API changes

Data model changes

Thanks

🐛 Bug report
Status

Needs review

Version

1.0

Component

Code

Created by

🇫🇷France ubobrest

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

Production build 0.71.5 2024