[PLUGINS-257: Sec-fetch header is checked to determine whether the re… #284
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…quest is a user originated operation or not.
hpariwat
approved these changes
Jul 7, 2022
|
@aashishgurung ✅ works as expected krub. it's also blocked the second cart page (when it redirect from return_uri) to check out after the first checkout page is already done. |
kan98
approved these changes
Jul 7, 2022
new4762
approved these changes
Jul 7, 2022
aashishgurung
added a commit
that referenced
this pull request
Aug 30, 2022
* Revert "Update payment render (#290)" This reverts commit c1c925b. * Revert "[ENGA3-290]: Issue of displaying an error as an option of Online bank… (#296)" This reverts commit 665d76e. * Revert "fix release date" This reverts commit 3955645. * Revert "Update changelog" This reverts commit 66a4b73. * Revert "Release 4.23.2" This reverts commit f97965d. * Revert "Handle console error when fpx bank list is empty" This reverts commit 097938a. * Revert "remove release" This reverts commit df62a9f. * Revert "Update capabilities calling" This reverts commit 1178a7b. * Revert "update v4.23.2" This reverts commit ee6b493. * Revert "Handle retrive capabilities error" This reverts commit c3585af. * Revert "Revert "Revert "Merge pull request #287 from omise/add-rms""" This reverts commit ec0e648. * Revert "Revert "Revert "Feature/plugins 269 (#288)""" This reverts commit 02791e2. * Revert "Revert "Revert "Feature/plugins 245 (#285)""" This reverts commit 397a95c. * Revert "Revert "Revert "[PLUGINS-257: Sec-fetch header is checked to determine whether the request is a user originated operation or not. (#284)""" This reverts commit 654ffde.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
1. Objective
Prevent customer to reach return_uri before success payment
Jira: #257
2. Description of change
Sec-fetch header is checked to determine whether the request is a user originated operation or not. Created a new helper class request for it. This can be used to add request related helper function in the future.
Reference
HTTP_REFERER header was not present this time. We might need to change the implementation in Magento.
Reference
3. Quality assurance
http://{YOUR_BASE_PATH}/?wc-api=omise_callback&order_id={ORDER_ID}🔧 Environments: