问题描述

如何验证对我指定的notifyURL的PayPal IPN POST请求确实来自PayPal?

How can I validate that a PayPal IPN POST request to my specified notifyURL is indeed coming from PayPal?

我不是要将数据与我之前发送的数据进行比较，但是我如何才能验证此PayPal请求来自的服务器/IP地址确实是有效的?

I don't mean comparing the data to what I sent earlier, but how can I verify that the server / IP address this PayPal request is coming from is indeed a valid one?

推荐答案

1. PayPal向您的IPN侦听器发送一个 通知您事件的消息
2. 您的听众发送完整的 未更改的消息返回贝宝；这 邮件必须包含相同的字段 以相同的顺序编码 与原始邮件相同的方式
3. PayPal发送回一个单词，该单词 如果该消息是VERIFIED 源于PayPal或INVALID(如果存在) 与以前有什么差异 最初发送的

1. PayPal sends your IPN listener a message that notifies you of the event
2. Your listener sends the complete unaltered message back to PayPal; the message must contain the same fields in the same order and be encoded in the same way as the original message
3. PayPal sends a single word back, which is either VERIFIED if the message originated with PayPal or INVALID if there is any discrepancy with what was originally sent

https://cms.paypal .com/us/cgi-bin/?cmd = _render-content& content_ID = developer/e_howto_admin_IPNIntro

这篇关于验证IPN呼叫来自PayPal吗?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！