我们有一个 Magento 2 站点(PHP 7.2.30、Apache/2.4.43),并且我们正在使用使用重定向集成的支付网关。当客户选择使用他们付款时,他们将被带到支付提供商页面,在那里他们输入信用卡详细信息,付款后,支付提供商使用 POST 方法将客户发送回以下网址
https://mymagentosite.com/checkout/cart/
然而,Magento 然后将用户 302 重定向到主页
我们已经测试过,我们可以直接访问上面的 url,但是当我们尝试将任何数据发布到该 url 时,它只会重定向到主页。
我们尝试了使用不同的 Magento 安装(所有版本 2)的相同场景。对于某些网站来说,它可以工作,但对于某些网站来说,它不起作用。
有什么想法吗?以下是我们在“网络”选项卡中可以看到的内容。
Request URL: https://mymagentosite.com/checkout/cart/
Request Method: POST
Status Code: 302
Remote Address: xx.xx.xx.xxx:443
Referrer Policy: no-referrer-when-downgrade
access-control-allow-headers: authorization, origin, user-token, x-requested-with, content-type
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Thu, 09 Jul 2020 11:35:55 GMT
expires: Tue, 09 Jul 2019 11:35:56 GMT
gd-server: Agrii
location: https://mymagentosite.com/
pragma: no-cache
server: Apache
set-cookie: PHPSESSID=tl3jrdf4s7sphmtf7k35ntp72a; expires=Thu, 09-Jul-2020 12:35:55 GMT; Max-Age=3600; path=/; domain=mymagentosite.com; secure; HttpOnly;HttpOnly;Secure
set-cookie: private_content_version=d0bc931457425e0d377365db2431379d; expires=Sun, 07-Jul-2030 11:35:55 GMT; Max-Age=315360000; path=/; secure;HttpOnly;Secure
set-cookie: form_key=dT1VSLBY33VECrPW; expires=Thu, 09-Jul-2020 12:35:55 GMT; Max-Age=3600; path=/; domain=mymagentosite.com;HttpOnly;Secure
set-cookie: mage-messages=%5B%7B%22type%22%3A%22error%22%2C%22text%22%3A%22Your+session+has+expired%22%7D%2C%7B%22type%22%3A%22error%22%2C%22text%22%3A%22Invalid+Form+Key.+Please+refresh+the+page.%22%7D%2C%7B%22type%22%3A%22error%22%2C%22text%22%3A%22Invalid+Form+Key.+Please+refresh+the+page.%22%7D%2C%7B%22type%22%3A%22error%22%2C%22text%22%3A%22Invalid+Form+Key.+Please+refresh+the+page.%22%7D%5D; expires=Fri, 09-Jul-2021 11:35:56 GMT; Max-Age=31536000; path=/;HttpOnly;Secure
status: 302
strict-transport-security: max-age=63072000; includeSubdomains;
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-magento-cache-control: max-age=0, must-revalidate, no-cache, no-store
x-magento-cache-debug: MISS
x-magento-tags: FPC
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block
:authority: mymagentosite.com
:method: POST
:path: /checkout/cart/
:scheme: https
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9,nb;q=0.8,ru;q=0.7,ga;q=0.6,ur;q=0.5
cache-control: max-age=0
content-length: 10
content-type: application/x-www-form-urlencoded
cookie: _hjid=715b5b02-19d1-4533-85c6-a1c2ee399ff4; _ga=GA1.2.288380805.1594293232; _gid=GA1.2.620314515.1594293232; PHPSESSID=tl3jrdf4s7sphmtf7k35ntp72a; mage-translation-storage=%7B%7D; mage-translation-file-version=%7B%7D; mage-cache-storage=%7B%7D; mage-cache-storage-section-invalidation=%7B%7D; mage-cache-sessid=true; form_key=dT1VSLBY33VECrPW; recently_viewed_product=%7B%7D; recently_viewed_product_previous=%7B%7D; recently_compared_product=%7B%7D; recently_compared_product_previous=%7B%7D; product_data_storage=%7B%7D; searchReport-log=0; _hjIncludedInSample=1; __atuvc=2%7C28; __atuvs=5f06fe24d397c3d2001; private_content_version=3aac0f243eb3546882ab3d080549c5a7; mage-messages=%5B%7B%22type%22%3A%22error%22%2C%22text%22%3A%22Your+session+has+expired%22%7D%2C%7B%22type%22%3A%22error%22%2C%22text%22%3A%22Invalid+Form+Key.+Please+refresh+the+page.%22%7D%2C%7B%22type%22%3A%22error%22%2C%22text%22%3A%22Invalid+Form+Key.+Please+refresh+the+page.%22%7D%5D; _gat_gtag_UA_20854971_28=1; _gat=1; section_data_ids=%7B%22cart%22%3A1594294549%2C%22messages%22%3A1594293807%7D
dnt: 1
origin: https://paymentprovider.com
referer: https://paymentprovider.com/postback.php
sec-fetch-dest: document
sec-fetch-mode: navigate
sec-fetch-site: cross-site
sec-fetch-user: ?1
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.116 Safari/537.36
小智 5
发生这种情况可能是因为您的控制器不支持 POST 请求。您需要实现 CsrfAwareActionInterface 并实现两个名为 createCsrfValidationException 和 validateForCsrf 的方法。
更多细节。请参考这个链接:
| 归档时间: |
|
| 查看次数: |
3769 次 |
| 最近记录: |