0

I try to integrate my Django site with paypal, using external IPN. I create Django form, send it to https://www.paypal.com/cgi-bin/webscr,

everything okay, but after return from paypal to my site I got csrf_token error. Paypal return to index page of my site.

How can I fix it. Thanks,

  • You might want to post your code. Also, this sound like a more generic problem with the csrf_token. Without looking at your code, does this answer your question? http://stackoverflow.com/questions/3197321/csrf-error-in-django – Aaron Newton Jul 11 '12 at 12:23
  • 1
    Thanks, but I find resolution by my self I add @csrf_exempt decorator... –  Jul 11 '12 at 12:35
  • 1
    It looks like this person did the same - http://stackoverflow.com/questions/9861531/django-paypal-ipn-not-responding. On a security note, the PayPal IPN has been identified as vulnerable to CSRF attacks before http://www.eweek.com/c/a/Security/PayPal-Patches-Critical-Security-Vulnerabilities-807636/. Turning CSRF checks off as a solution is NOT unique to django either http://stackoverflow.com/questions/7628353/codeigniter-paypal-ipn-and-csrf-protection Anyone with a strong security background care to comment? – Aaron Newton Jul 11 '12 at 23:18

0 Answers0