search

solidusio-contrib / solidus_viabill

Solidus extension for Viabill Payments Service
BSD 3-Clause "New" or "Revised" License
0 stars 1 forks source link

Fix CSRF and Skip #load_token Before Action #13

Closed Naokimi closed 2 years ago

Naokimi commented 2 years ago

After some more testing we found out that sending a POST request to /api/checkout_callback raises a CSRF error.

We added the fix for that and also skipped loading an order for the callback action