After a successful payment, if user clicks on the "Return to merchant" button from PayPal, he is redirected to page cart/checkout/complete.
But at the same time, browser displays an unwanted scary security warning about moving to a http page from a https page.
At this point, user is forced to click whether "Continue" or "Cancel".
If user clicks "Continue", he will be then redirected to cart with message "Thank you for your order! PayPal will notify us once your payment has been processed.", and can no longer see the useful information displayed on cart/checkout/complete.

This is a major problem that can easily be fixed:
Instead of sending value 2 to PayPal for variable rm (Return Method), 1 should be sent.
This way, the "Return to merchant" button is rendered as a simple link to cart/checkout/complete and no security warning is displayed.

For information, rm=2 is only useful when you want to use POST data sent back by PayPal when returning to merchant. But page callback uc_paypal_complete does not use it at all so it makes no sense here.

Files: 
CommentFileSizeAuthor
#2 paypal_wps_return_warning-1535634-2.patch598 bytesanrikun
PASSED: [[SimpleTest]]: [MySQL] 2,051 pass(es).
[ View ]
#1 paypal_wps_return_warning-1535634-1.patch588 bytesanrikun
PASSED: [[SimpleTest]]: [MySQL] 1,486 pass(es).
[ View ]

Comments

Assigned:anrikun» Unassigned
Status:Active» Needs review
StatusFileSize
new588 bytes
PASSED: [[SimpleTest]]: [MySQL] 1,486 pass(es).
[ View ]

The very simple patch:

Version:6.x-2.x-dev» 7.x-3.x-dev
StatusFileSize
new598 bytes
PASSED: [[SimpleTest]]: [MySQL] 2,051 pass(es).
[ View ]

The same big patch for 7.x-3.x :-)

Status:Needs review» Fixed

Confirmed and committed, thanks for the patches.

This may have to be revisited for #1421298: Is there any Paypal PDT support? but it's a quick fix for now.

Status:Fixed» Closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.

Issue summary:View changes

Fixed a typo.