I don't have a solution for you, but the trailing equals are pretty typical of encoding schemes (commonly seen in base64).
So I'm guessing that's why they are sending parameters like that. I also use PxPay, but have never (that I've noticed) had problems with their URL parameters. David Neilsen | 07 834 3366 | PANmedia ® On Thu, Apr 26, 2012 at 8:58 PM, Nathan Kennedy < [email protected]> wrote: > I had a similar problem where the 'result' contained a double-dash '--'. > After hours of debugging, I found that some URL filters were seeing it as a > potential SQL injection and therefore preventing the request. > > Thanks, > Nathan. > > > On Thu, Apr 26, 2012 at 7:41 PM, Alex Osborn <[email protected]> wrote: > >> Looking for input / an authoritative answer, or maybe someone has come >> across this before: >> >> Should an URL parameter be allowed to contain an un-encoded equals >> 'sign'? RFC3986 says no? http://www.ietf.org/rfc/rfc3986.txt - section >> 2.2 >> >> Frustrating debugging today, decoding a response from DPS's PxPay product. >> >> The responses we were receiving were decoding correctly on our local >> environment, but failing on our testing server. Examining the request >> closely, this appeared to be as the value of the 'result' parameter, >> contained an equals? >> >> Example: >> >> >> http://www.example.co.nz/order/payment-callback?result=v54VPdtC6YVlz2O6vwH7ZjHlmCvoIQPjPa9MC1rmeFHjFUAvycztFQWbWIbCzkAlBvU6Ot1Wl-5NupqfcgjdpjlYoZtRf09IIB0AxvfmkY37HdOvE2MmK3gJ4VzS1X6YhdpaJwodmZrKk_PIUgcjaJxc0MbGV1jN7aA3pZmoxkOANaMuFTQhtDs0HMzaZ6vH8DmsWw-ubuz958w7bU0WAzgp5zjtdXz_ABfyKaiwfCCWTrjQgqTLi28cy15ybhi0volnb3RsQcihYE-2DX3Q1ZftDismC6rXm8SLMYv1KJVKQQKThyJAbnppQrIBcKwtOfXMUlx9vKInSBPevT1t-iDtDCMh01n9orvN9wHkcH3uYP3MY_-B2eotDOpKgY6_0ubnw0BDq91MjcqYgsJZnZr5-1liQKtVMCs62ekdVxGmccPQw9XnnVem4fG3k8vf-aC-AAbcUzrWdexbyApa5YfLXwAXS7_6peeGa73EWcWuP7CzXvykdpUx28awYAeuIyYX5eaGRxB_o5Bj7U2hYuIPir7gRqIiAa9xy8o93Y8Taq8X5FYUM2lA==&userid=Example >> >> Our server was reading this not as one parameter as intended, but as two: >> >> result= >> >> >> v54VPdtC6YVlz2O6vwH7ZjHlmCvoIQPjPa9MC1rmeFHjFUAvycztFQWbWIbCzkAlBvU6Ot1Wl-5NupqfcgjdpjlYoZtRf09IIB0AxvfmkY37HdOvE2MmK3gJ4VzS1X6YhdpaJwodmZrKk_PIUgcjaJxc0MbGV1jN7aA3pZmoxkOANaMuFTQhtDs0HMzaZ6vH8DmsWw-ubuz958w7bU0WAzgp5zjtdXz_ABfyKaiwfCCWTrjQgqTLi28cy15ybhi0volnb3RsQcihYE-2DX3Q1ZftDismC6rXm8SLMYv1KJVKQQKThyJAbnppQrIBcKwtOfXMUlx9vKInSBPevT1t-iDtDCMh01n9orvN9wHkcH3uYP3MY_-B2eotDOpKgY6_0ubnw0BDq91MjcqYgsJZnZr5-1liQKtVMCs62ekdVxGmccPQw9XnnVem4fG3k8vf-aC-AAbcUzrWdexbyApa5YfLXwAXS7_6peeGa73EWcWuP7CzXvykdpUx28awYAeuIyYX5eaGRxB_o5Bj7U2hYuIPir7gRqIiAa9xy8o93Y8Taq8X5FYUM2lA= >> >> We're breaking up the query string manually as a workaround, but is there >> a server setting we can change or something I am not aware of, or should I >> go bother DPS? >> >> >> >> >> >> >> >> -- >> NZ PHP Users Group: http://groups.google.com/group/nzphpug >> To post, send email to [email protected] >> To unsubscribe, send email to >> [email protected] > > > -- > NZ PHP Users Group: http://groups.google.com/group/nzphpug > To post, send email to [email protected] > To unsubscribe, send email to > [email protected] > -- NZ PHP Users Group: http://groups.google.com/group/nzphpug To post, send email to [email protected] To unsubscribe, send email to [email protected]
