Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[ENGA3-438]: Mobile banking redirect URI not working in Andoird Chrome. #309

Merged
merged 3 commits into from
Sep 8, 2022
Merged

[ENGA3-438]: Mobile banking redirect URI not working in Andoird Chrome. #309

merged 3 commits into from
Sep 8, 2022

Conversation

aashishgurung
Copy link
Contributor

@aashishgurung aashishgurung commented Sep 8, 2022
edited
Loading

1. Objective

Fix the issue of mobile banking redirect URI not working in Android chrome.

Jira Ticket: #438

2. Description of change

The HTTP_SEC_FETCH_SITE header returned none which indicates that the request is user originated even though it was originated from the mobile banking app. This caused the site to redirect to checkout page.

In this PR, we created a random unique token, saved it as a metadata to the order and added it to the return URI. When the site gets the redirect URI request, if the token is present, we check the token with the token saved in the order. If it matches we continue the process and show the success/failed page else we redirect to checkout page.

For now, it is just in mobile banking payment to solve the redirect URI issue. In the future we will implement this in all other payment methods as relying on HEADERs is not reliable.

3. Quality assurance

Use UAT testing mobile app and checkout with mobile banking payment. If it is not available then use the production keys and test in production environment.

🔧 Environments:

  • WooCommerce: v6.8.0
  • WordPress: v6.0.2
  • PHP version: 8.1
  • Omise plugin version: Omise-WooCommerce 4.23.3

[ENGA3-438]: A random unique token is dynamically created and added i…
696e272 
…n the return URI to validate that the request is coming from the indented source and not from the user's action like entering URI in the address bar.
@aashishgurung aashishgurung changed the title [ENGA3-438]: Redirect URI not working in Andoird Chrome. [ENGA3-438]: Mobile banking redirect URI not working in Andoird Chrome. Sep 8, 2022
@sonarqubecloud
Copy link

sonarqubecloud bot commented Sep 8, 2022

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 1 Code Smell

No Coverage information No Coverage information
0.0% 0.0% Duplication

@aashishgurung aashishgurung merged commit 232fe2e into master Sep 8, 2022
@kan98 kan98 deleted the feature/ENGA3-438 branch September 19, 2022 02:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kan98 kan98 kan98 approved these changes

@FhanOmise FhanOmise FhanOmise approved these changes

@tanawin-opn tanawin-opn tanawin-opn approved these changes

@ajzkk ajzkk ajzkk approved these changes

@som-m som-m Awaiting requested review from som-m

@new4762 new4762 Awaiting requested review from new4762

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@aashishgurung @kan98 @FhanOmise @tanawin-opn @ajzkk