pancakes

MicrostockGroup Sponsors

Envato Elements

Author Topic: Changes at Paypal that Affect IPN  (Read 1445 times)

0 Members and 1 Guest are viewing this topic.

redwater

  • retro stock illustrations
« on: September 06, 2013, 14:45 »
0
I just received this e-mail from Paypal:
"In a bulletin dated October 18, 2011, we announced that we were going to expand the number of IP addresses for www.paypal.com to improve our sites performance, scalability and availability. As part of this transition, we planned to discontinue support for HTTP 1.0 protocol starting October 7, 2013.
We have recently identified that this change may impact the ability of some of our merchants to perform IPN (Instant Payment Notification) post-back validation or PDT (Payment Data Transfer) posts to www.paypal.com and ipnpb.paypal.com. This happens when the IPN or PDT scripts use HTTP 1.0 protocol and do not include the Host: www.paypal.com or Host: ipnpb.paypal.com header in the HTTP request.
Additional Details
Starting October 7, 2013, we will require all incoming requests to have a Host header which complies with HTTP 1.1 Specifications. This header was not required under HTTP 1.0. IPN and PDT scripts using HTTP 1.0 may start failing with HTTP/1.0 400 Bad Request errors after October 7, 2013, which will result in IPN messages not being validated successfully, or PDT scripts not being able to retrieve transaction information.
Action Required before October 7, 2013
Merchants need to update their IPN and/or PDT scripts to use HTTP 1.1, and include the Host and Connection: close HTTP header in the IPN postback script.

My question is: Do we need to do anything for our Symbiostcok sites? Will this change impact our symbiostock Paypal IPN?
Thanks in advance for any feedback.


Leo Blanchette

« Reply #1 on: September 06, 2013, 15:32 »
0
Thanks for posting that! I'll look into it right away. Every time I set up something to work with an external system something changes!  >:(

« Reply #2 on: September 06, 2013, 16:05 »
0
are you sure this is not some sort of a scam? I have found the same text on the web but with different dates:

In a bulletin dated October 18, 2011, we announced that we were going to expand the number of IP addresses for www.paypal.com to improve our sites performance, scalability and availability. As part of this transition, we planned to discontinue support for the HTTP 1.0 protocol starting February 1, 2013.

We have recently identified that this change may impact the ability of some of our merchants to perform IPN (Instant Payment Notification) post-back validation or PDT (Payment Data Transfer) posts to www.paypal.com. This happens when the IPN or PDT scripts use the HTTP 1.0 protocol and do not include the Host: www.paypal.com header in the HTTP request.

Additional Details Starting February 1, 2013, we will require all incoming requests to have a Host header which complies with HTTP 1.1 Specifications. This header was not required under HTTP 1.0. IPN and PDT scripts using HTTP 1.0 may start failing with HTTP/1.1 400 Bad Request errors after February 1, 2013, which will result in IPN messages not being validated successfully, or PDT scripts not being able to retrieve transaction information.

Your Action Required before February 1, 2013 You will need to update your IPN and/or PDT scripts to use HTTP 1.1, and include the "Host: www.paypal.com" and "Connection: close" HTTP headers in the IPN and PDT scripts.
« Last Edit: September 06, 2013, 16:08 by cidepix »

Leo Blanchette

« Reply #3 on: September 06, 2013, 16:23 »
0
 GOOD CATCH! That one got by me! Thats pretty clever.

« Reply #4 on: September 06, 2013, 16:40 »
0
it might still be legit but if it didn't break anything on February 1 2013, why would it now? and why was the date extended..

I have seen many forums discussing this issue.. some prior to February 1 2013, and some more recently with the new dates..

isn't HTTP 1.0 pretty old anyway.. I have a feeling that this warning is more like for "ancient sites" but I might be wrong..

Ron

« Reply #5 on: September 06, 2013, 16:41 »
0
Not sure how that is a scam as you are not giving them anything and the links to PayPal are just that.

Here is the live site status with all updates. Go nuts.

https://www.paypal-notify.com/eventnotification/search?eventSearchType=PayPalSiteStatus

Ron

« Reply #6 on: September 06, 2013, 17:06 »
0

Microstock InsiderEnvato Elements

 

Related Topics

  Subject / Started by Replies Last post
6 Replies
2703 Views
Last post December 23, 2007, 02:19
by Lee Torrens
7 Replies
3820 Views
Last post September 09, 2010, 20:11
by Freedom
1 Replies
1367 Views
Last post November 29, 2010, 11:54
by sharpshot
0 Replies
1253 Views
Last post March 17, 2014, 17:10
by einstein
42 Replies
5974 Views
Last post June 11, 2015, 12:29
by robhainer

Sponsors

Microstock Poll Results

Sponsors

Envato Elements