Should a payment success or error page expire?
-
14-03-2021 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russian문제
When payment is made, it either succeeds or fails for whatever reason. In this case, though not important, the payment is made on a third party payment website, like Paypal, and a callback url is supplied for success or failure.
My question is should that success or error page expire, that is start returning a 404 after a set time or even immediately after it has been accessed once. There might be no security implications for allowing a notifications page live on forever, so this is more of a best practice question. But if there're security implications, I'll be glad to hear them.
Thank you
해결책
No. You generally use the same call back for all payments and the 3rd parties API will expect it to always be there and conform to the spec.
Also, returning a 404 generally wont reverse the payment or anything.
If you miss a callback for some reason there is usually a backup polling method you can use to check the status of a payment.
