Please does anyone have any ideas why Paddle.com Webooks appear not to fire the HandleURL event in Web 2.0?
I have an existing Web 1.0 project working great on AWS receiving POST from Paddle Webhooks via HandleSpecialURL.
I upgraded to the new Web2.0 with HandleURL but now the Paddle Webhook times out and the following code at the start of the HandleURL event is not even triggered:
If I use Paw and send exactly the same POST data as Paddle says it sending, the new Web2.0 works great, as do all the other URL handling features in my application that have nothing to do with Paddle.
This is a standalone web app that I’ve run by double clicking, and I also tried installing as a Windows Service but I get the same results.
I know the Paddle data gets to the AWS windows server because the Web1.0 works great.
I am fairly confident that the address, port, URL structure, and code inside the HandleURL Event is correct because I can POST the exact same thing from Paw on my local machine to the AWS address and it works using Web 2.0 framework.
I’ve tried a new AWS windows instance disabling all firewalls and security and I get exactly the same results.
Hopefully it is something that I’m simply overlooking, but I’m at a bit of a loss so any help would be appreciated.
If you get the header, you need to check the other headers and make sure your app can handle such a request. To be honest, I have no idea why you’d use this header for a request that’s that small as the overhead of sending the request twice is about 50% more data. Usually this is for clients that want to send mega or gigabytes of data and want to make sure the client can handle it.
Anyway, if you have this header, set the response status code to 100 for Yes or 417 for No and return True. The real request should then be sent by the client.
This is probably because paddle.com doesn’t expect a server to process an invalid request to the webhook anyway. Making the webhook more secure. So they expect you to process the headers, see if it’s a valid request the return HTTP 1/1 100 Continue and then process the body and respond again with 200 OK or whatever response is expected. If the headers are invalid (security hash or signature is not accepted) the server should respond with an error for example 403…
Paddle makes this overly complex. It’s far easier and more secure to just provide an id for the payment is a POST parameter to the server / webhook and then have the server call the paddle service to verify (using a secret or api key or such). Currently not possible with paddle.
I hope xojo can fix this to ability to handle these kind of requests.