On Fri, 2009-05-29 at 09:52 -0700, M Godshall wrote:
> Based on everything that I've read on the subject the last few days,
> it sounds like it's impossible to redirect a user to an external url
> with POST data. If that's the case, I really need some help figuring
> out a secure solution to the following scenario:
>
> My client wants to use the secure payment form provided by their
> payment provider's website. Here's how the process should work:
>
> 1. User submits form with basic information (no personal data) on
> client site
> 2. Client site validates the data from the form
> 3. Add sensitive account credentials to data (id and pin so the
> payment provider can identify my client's account)
> 4. Send user to payment provider's secure https website with basic
> information and client account credentials
> 5. User fills out payment information on payment provider's website
>
> The documentation only shows examples of sending this data (client id
> and pin) as hidden fields in a form, posting directly to the
> provider's url, but they don't recommend that approach for production
> environments for obvious security reasons. Unfortunately, their
> documentation and tech support don't offer any secure alternatives, so
> hopefully the Django community will be able to offer better insight.
>
> I explored urllib/urllib2, but I couldn't figure out a way to direct
> the user to the payment providers secure web page along with the data
> mentioned above. I'm certainly not an expert with these tools, so if
> you're aware of a solution please point me in the right direction.
>
> As a point of reference, the following code will give you an idea of
> what I'm trying to accomplish:
>
> def select_payment(request):
> if request.method == 'POST':
> form = PaymentForm(request.POST)
> if form.is_valid():
> values = {...} #cleaned form data, add client id and pin
> data = urllib.urlencode(values)
> url = 'https://www.xxx.com' #payment providers website
>
> #Idea 1
> full_url = url + '?' + data
> return HttpResponseRedirect(full_url) #Successfully redirects
> with data, but exposes client data in url. Not good.
>
> #Idea 2
> response = urllib2.urlopen(url, data)
> the_page = response.read()
> return HttpResponse(the_page) #This actually shows the form from
> the payment provider's website with the data I sent, but it shows it
> in my client's url. Instead, I need to send the user to the payment
> provider's website with this data so they can fill out the form on a
> secure page. This seems like it should be possible since I can post
> data to the url and get a response this way.
>
> else:
> form = PaymentForm()
> return render_to_response('payments.html', {'form': form},
> context_instance=RequestContext(request))
>
> If I can't find a way to make this work, I'll have to setup an SSL
> certificate for my client and have them host the form, but I'd really
> like to avoid this if possible. A big thanks to everyone from the
> Django irc who has helped me with this already. Hopefully I'll find
> some closure soon.
I'm not sure I understand completely, so correct me if I'm wrong, but it
seems like you want to avoid the obvious way of doing this, by writing
out a form on an SSL protected page, and having the user submit it, or
auto submitting it, and you want to avoid this to avoid having to get an
SSL certificate?
If you think about it, this is impossible. You have the extra secret
information, and it is the user who must present this extra information
to the payment processor. Without having your own SSL certificate, there
would be no way to securely get that information to the user. Finally,
users are not impressed by commerce sites who don't do the checkout
process over SSL, so its worth doing just to 'get the padlock'.
Is there service provided by the payment processor for you to pass the
data to the payment processor over a back channel, exchange for a token,
and then redirect the user to their site with said token? Otherwise, you
have to certificate up. Sorry.
Cheers
Tom
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to
django-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en
-~----------~----~----~----~------~----~------~--~---
