I've implemented a simple POST handler and set it live on a public address. Anyone can post data on it, from any computer and from any tool (cURL, Python, from the API browser etc...) but PayPal IPN simulator gives me this error instead: IPN Delivery Failed:I/O error: Connection timed out; nested exception is java.net.ConnectException: Connection timed out
I can't see anything in my server logs: nobody is trying to access my handler, while in the other cases (not using the IPN simulator) I get something like this:
[02/Aug/2013 15:27:45] "POST /api/1/paypal/ipn/ HTTP/1.1" 200 1359
Key: test_param - Value: test_value
Why the simulatore can't reach my handler while everyone else can do it?
Paypal want a secure socket layer for communicate with her, in this case your socket don't receive another communication with your java program, unless you want to create a certificate for your socket.
Related
I basically have a little web server receiving webhooks from a few things. It has been running in test and I log everything. I noticed I get more random requests from Search Engines, IP crawlers and all sorts than my own requests.
I have created a simple middle ware
app.Use(async (context, next) =>
{
await next();
// Do not respond to random fkn bot and search engine garbage.. just be silent!
if (context.Response.StatusCode != 200)
{
context.Abort();
}
});
[In postman]
When server is running I hit a 404 the middleware produces a socket hang up
When server is NOT running it produces ECONNREFUSED <-- This is what I want to return if the endpoint does not exist.
I want it to be silent pretend like nothing is there.
Because the abort send back the socket hung up that is a clear indication there is something there. Can I force a connection refused (even after a wee bit of processing time)
Not in the general case.
"Connection refused" means the socket connection was refused. By the time your method is invoked, the socket connection has already been accepted. The socket connection must be accepted before any request headers or body are read. So it's not possible to accept a socket, read the request, and then go back in time and not accept the socket.
There is a technique called "port knocking". You can look into that if you want, but it does require changes to your legitimate clients, so it won't work if they're just simple webhooks.
We have a curious situation with http referrer and response.
Our application is a J2EE with a WEB and EJB project. Working fine for years.
Recently, from one specific location, when user click to submit, our EJB sysout picked up trace that there was more than one submit (POST request) resulting in a null pointer. Our button have been designed to be disabled after it has been clicked. We are not sure how a subsequent request can possibly happen. In this simulation of the problem, we click once and there is only one user in the system.
Since this only occur when we connect from a particular ISP. We do not experience multiple request from other ISP locations. So we are suspecting that the ISP may have in advertently trigger a resubmit. But we are not sure. What else can we do to trace the root cause of this problem.
Thanks for your help.
Update on 12-Apr
We have installed wireshark to trace the signal from the browser side. We notice that the browser concern makes a "retry" after every 11 or 12 minutes. Would this be a normal browser behaviour?
I think we have found the cause of the problem. It is explained by by this https://blogs.oracle.com/ravello/beware-http-requests-automatic-retries
It is something in the HTTP spec
"If an HTTP/1.1 client sends a request which includes a request body, but which does not include an Expect request-header field with the "100-continue" expectation, and if the client is not directly connected to an HTTP/1.1 origin server, and if the client sees the connection close before receiving any status from the server, the client SHOULD retry the request. W3 Hypertext Transfer Protocol -- HTTP/1.1
MtGox Streaming API is down or is something wrong with the code?
I used this example https:// bitbucket.org/nitrous/mtgox-api/src/004c254993963baeb239ac7ac7f676b5024fc93f/socket/ws.client.html?at=master
You can test here http://atc.leadsoft.eu/test.html
I entered the server url (https://socketio.mtgox.com/mtgox) and click connect, but most of the time it writes only Connected or Connection timeout and freezes.
I have some code that is sending an INVITE to a lync address (test1#lync2013.example.com). I initially receive a 401 Unauthorized from the server (as expected). I then perform a TLS-DSK handshake as documented here: http://msdn.microsoft.com/en-us/library/ff530353(v=office.12).aspx and this completes.
However, I am now stuck receiving a 403 Forbidden response when trying to INVITE (that is, sending my 4th INVITE - the first 3 are used for the TLS-DSK handshaking), and in the ms-diagnostics header in the response has:
ms-diagnostics: 4005;reason="Destination URI either not enabled for SIP or does not exist";source="LYNC13.test.example.com"
The test1 user definitely does exist (I can call it from another Lync client) and an the Control Panel I have the user set for "Enterprise Voice" telephony which I believe is correct if the client is set up to be able to receive external SIP calls. Am I missing any more configuration?
If it helps, my SIP domain is lync2013.example.com, my AD domain is test.example.com and my Lync server FQDN is LYNC13.test.example.com.
Many thanks in advance to anyone able to help (or is seeing the same problem specifically on Lync 2013). I am in the process of configuring Lync 2010 that I will be able to check against.
Thanks again,
Simon Tolham
I am trying to test a servlet I wrote that processes a payapal IPN notification (my servlet is very similar to this example) - thing is even after enabling all the settings in the test account I am using the IPN notification is not firing at all.
I then found out that apparently in the sandbox the only way to test IPN is through the IPN simulator. I am trying to use it but I am getting:
IPN delivery failed. HTTP error code 405: Method Not Allowed
Does anyone have the slightest clue?
Also I am seeking ANY advice for testing IPN handlers in a straightforward manner since the IPN simulator kind of sucks (any option you pick it resets all the fields and so forth).
Any help appreciated!
I would check to make sure that your web server is allowing POST requests on your IPN handler URL. In this example, I used the PHP version of the example on the page you linked, and placed the script at /ipn.php.
I then telnet to my server. (replace with your server address)
$ telnet myserver.com 80
Trying myserver.com...
Connected to myserver.com.
Escape character is '^]'.
Paste the following into your telnet session. (replace ipn.php and myserver.com). Add a blank line after the last command.
POST /ipn.php HTTP/1.1
Host: myserver.com
Connection: close
Content-Type: application/x-www-form-urlencoded
Content-Length: 0
HTTP/1.1 200 OK
If you don't see a 200 Status, it means your application is not handling POST requests properly, which is a probable cause of the 405 Error.
You should make sure that you implement a doPost() method in your servlet, as well as a doGet().
If you are able to get the requests working from the IPN simulator, and are ready to move on to sandbox testing, make sure that you have the correct Notify URL and that IPN is enabled under the sandbox seller's profile.
Also, make sure that you IPN Handler is logging INVALID requests as well, so that you know if the request was even initiated.
Finally, make sure that the IPN verification URL is set to https://www.sandbox.paypal.com/cgi-bin/webscr in your servlet. (the URL in the example you posted is https://www.paypal.com/cgi-bin/webscr)