0
I have a question about the direct pay possibility. The 'Pay Now' button brings me to "../?option=com_invoices&view=payment&id=6"
When you change the payment id in the browser you are able to scroll through all the payments, also from other users, which is very undesirable of course.
Is there a way to avoid this?
Thanks in advance for your answer!
When you change the payment id in the browser you are able to scroll through all the payments, also from other users, which is very undesirable of course.
Is there a way to avoid this?
Thanks in advance for your answer!
Responses (5)
-
Accepted Answer
-
Accepted Answer
0hello!
I'm so sorry for the delay, I missed this.
the reson for this is that the payment page is "open" so the payment processors (paypal, stripe) can reach the endpoint to confirm the payment. (so it can't be a "protected" endpoint)
we're working to include a security token to be passed to the payment platforms, so the page can't be reached just by changing the ID in the URL. -
Accepted Answer
Your Reply

Please login to post a reply
You will need to be logged in to be able to post a reply. Login using the form on the right or register an account if you are new here.
Register Here »