Remove the browser Security Warning for insecure connection when returning from an EDD PayPal Standard payment.
This is an add-on for Easy Digital Downloads. This plugin is beneficial to your store only if both of the following apply:
- You use PayPal Standard.
- Your site does not have an SSL certificate.
When customers pay with PayPal Standard, they enter their payment details on the PayPal site, then they are returned to your site. On the return trip, if your site doesn’t have an SSL certificate, your customers see a Security Warning notice pop up in their browser, saying something like this:
The information you have entered on this page will be sent over an insecure connection and could be read by a third party.
This plugin will stop that security warning THE RIGHT WAY. This plugin doesn’t insecurely suppress the message. It does the right thing. Simply, it filters the PayPal “Return method” variable to tell it to NOT send sensitive data over when returning the customer to your site. By default, EDD sets the PayPal “Return method” variable to send sensitive data over the browser. This is unnecessary for PayPal Standard. There is no need for the sensitive data to be sent over the browser when a customer pays, since all the necessary data is received via IPN in the back-end.
This plugin is a short 5 lines of code. Again, this plugin is only for EDD sites that are using PayPal Standard and do not have an SSL certificate.