Check the POSTed donation data is correct before continuing

Donate pages send a POST request with some payload data to api.donorfy.com. Donorfy then decides what to do next. In the case of GoCardless direct debits, it redirects the user to GoCardless.

If there’s a serious problem with the payload of the original request (e.g. an incorrect widget ID), Donorfy ignores it, responds with status code 200 (OK), and performs the redirect to GoCardless. The user makes their donation, and only then are they shown an error page.

It would be preferable to fail fast, by checking the payload of the original request _before_ performing the redirect. Ideally, the Donorfy API would respond with a 5xx status code, and an explanatory error message.

Under consideration Suggested by: Andy Lulham Upvoted: 28 Feb, '20 Comments: 0
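A sketch of the validate-before-redirect ordering the suggestion asks for, added here as an illustration; it is not Donorfy's or GoCardless's code. The field names, widget ID, redirect URL and the choice of 400 as the error status are all assumptions made for this example.

```python
from dataclasses import dataclass, field
from decimal import Decimal, InvalidOperation

# All names below are hypothetical; none come from the Donorfy or GoCardless APIs.
KNOWN_WIDGET_IDS = {"widget-demo-001"}              # constructed sample value
PROVIDER_URL = "https://payments.example/checkout"  # placeholder redirect target
ERROR_STATUS = 400  # assumption: a client-error code, as the fault is in the request


@dataclass
class Response:
    status: int
    headers: dict = field(default_factory=dict)
    body: dict = field(default_factory=dict)


def validate(payload: dict) -> list[str]:
    """Return every problem found, so the caller can report them all at once."""
    errors = []
    widget_id = payload.get("widget_id")
    if not isinstance(widget_id, str) or widget_id not in KNOWN_WIDGET_IDS:
        errors.append("widget_id: unknown or missing")
    try:
        amount = Decimal(str(payload.get("amount")))
        if not amount.is_finite() or amount <= 0:
            errors.append("amount: must be a positive number")
    except InvalidOperation:
        errors.append("amount: must be a positive number")
    if payload.get("payment_method") != "direct_debit":
        errors.append("payment_method: unsupported")
    return errors


def handle_donation(payload: dict) -> Response:
    """Validate first; issue the redirect only for a payload that passed."""
    errors = validate(payload)
    if errors:
        # Fail fast: no Location header, so the donor never reaches the provider.
        return Response(ERROR_STATUS, body={"errors": errors})
    return Response(303, headers={"Location": PROVIDER_URL})


# Constructed sample payloads: one valid, one with an incorrect widget ID.
GOOD = {"widget_id": "widget-demo-001", "amount": "10.00", "payment_method": "direct_debit"}
BAD = {"widget_id": "wrong-id", "amount": "10.00", "payment_method": "direct_debit"}
```
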
