如何避免 ASP.NET Core MVC 中的 paypal 安全漏洞
[英]How to avoid paypal security breach in ASP.NET Core MVC
问题描述
I have implemented paypal payment in an ASP.NET Core MVC application, which involves collecting fees from students for their academic year.
我在 ASP.NET 核心 MVC 应用程序中实现了 paypal 付款,其中涉及向学生收取学年费用。
Currently I have used sandbox environment and I have almost completed the development using this support document.目前我使用的是沙盒环境,使用这个支持文档我几乎完成了开发。
But I'm stuck with a problem: all the GUID, PAYMENTID, TOKEN values are visible in URL itself after the payment is successful or failed (see screenshot shown here):但我遇到了一个问题:付款成功或失败后,所有GUID, PAYMENTID, TOKEN值都在 URL 本身中可见(参见此处显示的屏幕截图):
I am bit worried if this could lead to security breach, how to fix this?我有点担心这是否会导致安全漏洞,如何解决这个问题?
Kindly share your knowledge on how to hide these information and protect payment related details.请分享您关于如何隐藏这些信息和保护付款相关详细信息的知识。
Thanks for your time.谢谢你的时间。
1 个解决方案
解决方案1
0 2022-08-16 08:15:09
You may use JS SDK for handling Checkout at client side.您可以使用 JS SDK 在客户端处理 Checkout。 Together with REST API, payment information could be passed to backend for handling.与 REST API 一起,可以将支付信息传递到后端进行处理。
You may follow this tutorial from PayPal.您可以从 PayPal 开始学习本教程。
Please note that both Payments v1 API and PayPal .NET SDK are deprecated.请注意, Payments v1 API和PayPal .NET SDK均已弃用。
A direct REST API integration is recommended.
According to the Deprecation Notice for REST API SDK for Dotnet V2根据Dotnet V2 的 REST API SDK 的弃用通知
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.