Paypal Standard live mode - IPN, PDT verification return (403) Forbidden

This topic was automatically closed 365 days after the last reply. New replies are no longer allowed.
9 years ago
This was not a bug but due to the latest update in paypal, some merchants(mostly from outside of usa) are getting following response in ipn and pdt verification
The remote server returned an error: (403) Forbidden. For example here is a post who had same issue

I contacted with Paypal last week here is their response

"Thank you for contacting PayPal Merchant Technical Services.
This issue is caused by not passing User-Agent headers in your IPN post backs, it is latest update and that's why you may receive this error.
Please add User-Agent header in your IPN postback request.
The User-Agent request-header field contains information about the user agent originating the request. This is for statistical purposes, the tracing of protocol violations, and automated recognition of user agents for the sake of tailoring responses to avoid particular user agent limitations.
User agents SHOULD include this field with requests.
Here you can find more information:
http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html
Feel free to come back to me answering this email for more information.”

How to Fix

We need to add following line in VerifyIPN and GetPDTDetails methods in PayPalStandardPaymentProcessor.cs

 req.UserAgent = HttpContext.Current.Request.UserAgent;



PayPalStandardPaymentProcessor.cs

public bool VerifyIPN(string formString, out Dictionary<string, string> values)
{
        ...
            string formContent = string.Format("{0}&cmd=_notify-validate", formString);
            req.ContentLength = formContent.Length;

            //paypal fix          
            req.UserAgent = HttpContext.Current.Request.UserAgent;
            //paypal fix end
           ...
}


public bool GetPDTDetails(string tx, out Dictionary<string, string> values, out string response)
{
        ...
             string formContent = string.Format("cmd=_notify-synch&at={0}&tx={1}", _paypalStandardPaymentSettings.PdtToken, tx);
             req.ContentLength = formContent.Length;
            
            //paypal fix          
            req.UserAgent = HttpContext.Current.Request.UserAgent;
            //paypal fix end
            ...
}
shahdat


Please vote up if my post added any value to the community
2
9 years ago
Hi,

Thanks a lot for reporting and the solution. I've just created a work item
Interested in the dedicated Premium support services provided by core developers? Please visit https://www.nopcommerce.com/nopcommerce-premium-support-services

Regards,
Andrei Mazulnitsyn
nopCommerce team
0
9 years ago
Fixed. Please see changeset 0612e1b10b01. Thanks a lot again

BTW, why do you think that PDT also needs "user agent" passed? I haven't googled any references about it
Interested in the dedicated Premium support services provided by core developers? Please visit https://www.nopcommerce.com/nopcommerce-premium-support-services

Regards,
Andrei Mazulnitsyn
nopCommerce team
0
9 years ago
a.m. wrote:
Fixed. Please see changeset 0612e1b10b01. Thanks a lot again

BTW, why do you think that PDT also needs "user agent" passed? I haven't googled any references about it


Thanks for the quick fix.

"user agent" need to be passed in both,  actually for PDT or IPN verification system post request to https://www.paypal.com/us/cgi-bin/webscr right?

https://www.paypal.com/us/cgi-bin/webscr responses 403 if  no 'user-agent' passed.

I already faced this issue for multiple clients. They all good now.
shahdat


Please vote up if my post added any value to the community
2
8 years ago
Hi everyone!

I'm using the nopcommerce version i we are still having this problem at GetPdtDetails.
FAIL Error: 4003

Please help :(
0
8 years ago
gmarvano wrote:
Hi everyone!

I'm using the nopcommerce version i we are still having this problem at GetPdtDetails.
FAIL Error: 4003

Please help :(


When testing Payment Data Transfer (PDT) in the Sandbox, make sure your PDT script POSTs back information to www.sandbox.paypal.com. If testing on the Live PayPal site, make sure the script POSTs data back to www.paypal.com. Currently, all sample code on the Live and Sandbox sites "point" back to the live PayPal site.
Kind Regards
Marko Krstic (SocialBug Founder)

https://mlm-socialbug.com
https://socialbug.io
Email: marko@mlm-socialbug.com
1
8 years ago
CarpeDiem wrote:
Hi everyone!

I'm using the nopcommerce version i we are still having this problem at GetPdtDetails.
FAIL Error: 4003

Please help :(

When testing Payment Data Transfer (PDT) in the Sandbox, make sure your PDT script POSTs back information to www.sandbox.paypal.com. If testing on the Live PayPal site, make sure the script POSTs data back to www.paypal.com. Currently, all sample code on the Live and Sandbox sites "point" back to the live PayPal site.



Hi! Thanks! Yesterday in last minute I realized that there's was a problem with the email address in my nop admin panel. I had to put the email address i use to login paypal sanbox instead of the one it was :)

Now it's working great :)
1
8 years ago
Hi, I have same issue. and I made changes according to this post, But still not Fixed my issue. Can any one help please what i need more to do? thanks
<h2> Smile </h2>
1
8 years ago
I have solve this problem.
First of all go to your https://developer.paypal.com/developer/accounts/
and create a business test account and then go to https://www.sandbox.paypal.com/signin/
and login with your business test account
and go to profile->my selling tools -> web Preferences and set auto return on
and give the URL http://Your public Ip OR www.yourstore.com/Plugins/PaymentPayPalStandard/PDTHandler .

If anyone need help contact with me
2
This topic was automatically closed 365 days after the last reply. New replies are no longer allowed.