paypal does not (no longer?) work in software-center

Bug #1018347 reported by Michael Vogt on 2012-06-27
18
This bug affects 2 people
Affects Status Importance Assigned to Milestone
Payment service
Critical
Unassigned
software-center (Ubuntu)
Critical
Unassigned
Precise
Critical
Unassigned

Bug Description

[TEST CASE]
1. open software-center
2. try to purchase a app
3. select paypal as the purchase method
4. verify that the screen goes gray but no window opens and there is a error message on the terminal: "** Message: console message: @0: Refused to display document because display forbidden by X-Frame-Options."
5. install software-center from precise-proposed
6. repeat steps 1-3 and verify that a overlay window opens this time

[REGRESSION POTENTIAL]
Risk is very low as we are simply removing cookies for the Software Center webkit view to workaround an issue that appeared after a change on the PayPal side. Note that has since been fixed on the server side as well.

---

When trying to purchase a app in software-center via paypal I get a "gray" overlay on top of my regular software-center window (just like its expected) but no window opens that shows the paypal interaction. Instead I get at the terminal:

** Message: console message: @0: Refused to display document because display forbidden by X-Frame-Options.

Please let me know if that is something that needs to be fixed client side, I assume this is a server issue for now.

Michael Vogt (mvo) wrote :

I should add that this is a issue on both quantal and precise.

Michael Vogt (mvo) wrote :

Plus full http content debugging enabled.

Michael Vogt (mvo) wrote :

The attached branch fixes the bug for me, one side-effect is that there is a permanent cookie file now so there is no need to relogin again.

tags: added: ca-escalated
Changed in canonical-payment-service:
importance: Undecided → Critical
status: New → In Progress
Michael Vogt (mvo) on 2012-06-27
visibility: private → public
Changed in software-center (Ubuntu):
status: New → In Progress
importance: Undecided → Critical
Changed in software-center (Ubuntu Precise):
status: New → In Progress
importance: Undecided → Critical

While not having to re-login is indeed a very nice side-effect, there could be a problem if we don't allow logging out of the session somehow. The problem I see is the following scenario:

User logs in with account A to buy some software, but later wants to buy other software with account B. He cannot do this unless he somehow clears the cookies.

This scenario could be very plausible (eg, person helps mom/dad/someone else to buy software via USC), so we should not discard it.

A possible solution would be to delete cookies at the end of the SC session (ie, when closing SC) however that wouldn't get us the benefit on not having to re-login (but at the same time would be a "non-change" functionally speaking)

Michael Vogt (mvo) wrote :

Thanks Ricardo, could we have a logout button on the pay page itself? The page that says:
"""
Order summary
1 Purchase of software 'Snorms'
"""
?

Michael Vogt (mvo) on 2012-06-28
Changed in canonical-payment-service:
status: In Progress → Invalid
description: updated
Michael Vogt (mvo) on 2012-07-02
Changed in software-center (Ubuntu):
status: In Progress → Fix Released
Changed in software-center (Ubuntu Precise):
status: In Progress → Fix Released
Selene ToyKeeper (toykeeper) wrote :

I had a user complain about this recently, in ticket #18605. I told them it was probably a network issue and asked them to use a direct credit transaction instead. I have a copy of their USC log, but it sounds like it may no longer be relevant.

Changed in software-center (Ubuntu Precise):
status: Fix Released → Fix Committed

Hello Michael, or anyone else affected,

Accepted software-center into precise-proposed. The package will build now and be available at http://launchpad.net/ubuntu/+source/software-center/5.2.4 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please change the bug tag from verification-needed to verification-done. If it does not, change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

tags: added: verification-needed
description: updated
Gary Lasker (gary-lasker) wrote :

I have verified that software-center version 5.2.4 in precise-proposed fixes this bug per the test case given in the description.

Thanks!

tags: added: verification-done
removed: verification-needed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package software-center - 5.2.4

---------------
software-center (5.2.4) precise-proposed; urgency=low

  [ Michael Vogt ]
  * lp:~mvo/software-center/lp970627:
    - fix intermittent crash when expunging the cache (LP: #970627)
  * lp:~mvo/software-center/lp971776:
    - fix crash when a downloaded image is invalid for whatever
      reason (network issues, proxy issues, pay-wall in between)
      (LP: #971776)
  * lp:~mvo/software-center/lp967036-2:
    - fix unicode error crash for people running with the
      LANGUAGE=zh_CN.UTF-8 or zh_TW.UTF-8 (LP: #967036)
  * lp:~mvo/software-center/cookie-jar:
    - fix paypal support in the purchases window (LP: #1018347)

  [ Gary Lasker ]
  * debian/control:
    - update vcs link to point to the 5.2 branch
  * lp:~gary-lasker/software-center/previous-purchase-sorting-lp873104:
    - return correct results when sorting the list of previous
      purchases (LP: #873104)
  * lp:~gary-lasker/software-center/recommendations-string-change-lp986437-for-5.2:
    - switch to the updated recommendations opt-in string now that the
      corresponding language pack updates are released and available
      (LP: #986437)
  * lp:~gary-lasker/software-center/fix-lp920741:
    - fix UnicodeDecodeError when a commercial app's title contains
      a unicode character (LP: #920741)

  [ Natalia Bidart ]
  * lp:~nataliabidart/software-center/cant-stop-the-music:
    - Stop the video if user navigates away from an app details page
      (LP: #1003954).
 -- Michael Vogt <email address hidden> Thu, 28 Jun 2012 10:35:55 +0200

Changed in software-center (Ubuntu Precise):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers