Home Post data and redirect user to WorldPay website using server side code instead of client side
Reply: 0

Post data and redirect user to WorldPay website using server side code instead of client side

Shailesh Published in 2017-09-14 07:29:59Z

In my currents website (.net MVC)we are using world pay integration, but the Pentest got failed with the issue that the value could be amend by the user in html response of form post and installationId could be misused. Here is the code we have written in view.cshtml

<form action="https://secure-test.worldpay.com/wcc/purchase" method="post">
        <input type="hidden" name="testMode" id="testMode" value="0" /> 
        <input type="hidden" name="currency" id="currency" value="GBP" /> 
        <input type="hidden" name="instId" id="instId" value="instId" />
        <input type="hidden" name="cartId" id="cartId" value="0000"/>
        <input type="hidden" name="amount" id="amount" value="5.00"/>        
        <input type="hidden" name="accId1" id="accId1" value="a1" />
        <input type="hidden" name="address1" id="address1" value="FLAT 10 DICKSON HOUSE"/>
        <input type="hidden" name="address2" id="address2" value="DRUMMOND WAY"/>
        <input type="hidden" name="town" id="town" value="DRUMMOND WAY"/>
        <input type="hidden" name="postcode" id="postcode" value="N11NR"/>
        <input type="hidden" name="email" id="email" value="test@email.com"/>
        <input type="hidden" name="country" value="GB">
        <input type="hidden" name="tel" value="">
        <input type="hidden" name="paymentType" value="VISA">
<script language="javascript" type="text/javascript">

Do we have any better way to post the data and redirect user to world pay website by c#/server side code instead of client side

You need to login account before you can post.

About| Privacy statement| Terms of Service| Advertising| Contact us| Help| Sitemap|
Processed in 0.414257 second(s) , Gzip On .

© 2016 Powered by cudou.com design MATCHINFO