Paypal redirection issue - django

Am using django-oscar-paypal for my new project,once i do the payment it successfully takes me
to paypal sandbox site,after clicking continue button the page is redirected to
URL shown:
https://site.com/checkout/paypal/preview/63/?token=EC-9DM94343UB249654R&PayerID=SDH6FPG9CK72L
This page shows 'SSL Connection error'.How do i remove https from the link.
How do i fix this??Need Help
I just need to remove https from the link,i think that might work,how do i remove that.If this is some other issues.PLease provide help

The ReturnURL is set in the SetExpressCheckout request, so you just need to adjust it there.
Looking at https://github.com/tangentlabs/django-oscar-paypal/blob/master/paypal/express/gateway.py you can see it's using a variable called "return_url". Just need to find where that is getting set and adjust it accordingly.

Related

link preview not working (shows 301) on shortened bitly links on Facebook

When posting a link on Facebook, after setting the open graph meta tags (e.g. og:title, og:image) it successfully shows a link preview as I intend it to. However after shortening the link with bit.ly, when I post it on Facebook the link preview becomes "301 moved permanently" with no image. I get the same with tinyurl, are there any specific tags I should be adding here? I have tried refreshing with the sharing debugger, re crawling, trying iterations of the url with http and https and it's all the same result with the short url
Answering my own question here for all those in the future who may also have this problem,
I had to actually go into my site settings and turn https redirecting off, and enable both http and https

Cookies not available in subdomain

I am using Spring Boot and While I am able to set the cookie on the server, it is available in the response on the browser, however it is not submitted in the further request, and reason seems to be a sub-domain issue. I will detail it with exact issue and content
Requesting Page: http://stgapi.py.com
it makes a API call -> http://secure.stgapi.py.com
Cookies is set with
Domain-> .py.com Also tried with .stgapi.py.com
path-> /
This is visible in the browser, however in the subsequent call to
http://secure.stgapi.py.com the cookies are not submitted
and hence re-login is requested and enters an infinite loop of login and failure.
Any help is much appreciated, entire web says this is how it works, not able to make it work.
After much brainstorming, figured out that we need to set
("Access-Control-Allow-Credentials", "true")
And client(User-Agent) should also send withCredrentials:true
Further ("Access-Control-Allow-Origin") should not be set to "*" and only one value(origin) is supported.
Reason: Being the above example is considered to be CORS request and not the way it looks at the very first place.

Cookies: Sent in request even after all have been deleted

I am confused about how cookies are set. It seems that cookies can be sent in the request header, even after I have deleted them all.
What I do:
In IE: delete all cookies (wrench-thing->safety->delete browsing history-> check all, except preserve favorites-> Delete)
Go to random site (google.com) and open the Network tab (F12/Network) - because it won't open from blank tab.
Make sure browsing history persists (tools-> clear entries on navigate-> uncheck both)
Click "Start capturing"
Go to site: http://www.klm.com/travel/dk_da/index.htm
Look at Network data. For the first url (http://www.klm.com/travel/dk_da/index.htm ), click "Go to detailed view". Click "cookies"
I look at the cookie that is being sent (in Cookies tab or under 'Request headers') and it's already sending 7 values, for example, EBT_JSESSIONID. But, where do these values come from? I haven't received anything at this point. I realize that cookies can be set via javascript, but I haven't loaded any js at this point either.
I am trying to figure this out as part of webscrabing. Really want to be able to do it without Selenium or the like, and need to generate/use the various IDs that are being passed around the various calls.
Using chrome in Mac we had this issue and restarting the browser did solve the issue. The scenario was weird because the value was being sent only for one specific HTML.

Cookie set serverside but not displaying in document.cookie

I'm trying to implement an answer from another question on this site:
Detect when browser receives file download
I've followed all of the steps and everything is working up to the point where I try to retrieve the cookie. When I use Firebug I can see the cookie that I created in the header response, along with a cookie that was created earlier in the app by javascript.
The info in firebug for the two cookies is:
name:earlierCookie,value:1234,Domain:localhost,Path:/,Expires:Session,HttpOnly:false
name:cookiefromServer,value:5678,Domain:localhost,Path:/resource/upload/file,Expires:Session,HttpOnly:false
So, you can see that the cookies are in the same domain (they have different paths). When looking at document.cookie, only earlierCookie is present.
Why can I see cookieFromServer in Firebug and not in document.cookie?
Also, please tell me if I need to post more info.
I figured this out on my own. The problem is the path. Setting path to / from the server allows the cookie to show up in document.cookie I have no idea why this is and can't find good resources explaining it.

Django: how to redirect to mailto

I have a Django admin action called "Email selected members". Check some members and click the Go button and the user's mail program is opened. The emails of the selected members have been pre-entered.
This works by a Django HttpResponseRedirect(uri) with the uri being "mailto:email1,email2..
where the addresses email1, email2 ... were looked up on the server.
The only problem is that that the browser re-directs to a blank page as well a opening the client mail program.
Is there any way to avoid this?
-- Peter
This question is a little old, but I just went through this and I think I can help anyone looking for an answer in the future.
I ran into this problem because the website I was building had a built-in tracking system that tracked the URLs of outbound links for self-hosted ads. If I don't redirect, there is no way (without changing the way it was implemented) to track the click, since I'm not using an API or anything.
The easy fix was to do what you did, sending back an HttpResponse() whose content is the meta tag
<meta http-equiv="refresh" content="0;url=mailto:youremail#test.com" />
This causes the page to refresh on load, which triggers the mailto: action.
Now we're left with an open window, but we can't close the window using Javascript's window.close() method. I do believe that this solution should work, however. Call that Javascript function after the refresh has been successful.
Unfortunately, I haven't tested this, but these two methods should accomplish a mailto: redirect that does not leave a blank window/tab behind.
Hope this helps!
Don't use HttpResponseRedirect. Just make the mailto: line a link. Email selected members
I don't think it is possible. RFC 2616 says re 302 redirect:
The temporary URI SHOULD be given by
the Location field in the response.
Unless the request method was HEAD,
the entity of the response SHOULD
contain a short hypertext note with a
hyperlink to the new URI(s)
So the blank page that I see is the (very) short hypertext note. The browser gets the redirect instruction, pops up a temporary page with the redirect message, then retrieves the redirected URL. But with a mailto: URL the temporary page obviously remains.