Paypal & Checkout problems. Error: Security header is not valid Se

[Ggib]

Not sure if anyone can help out there but each time we try and process a purchase on our website, the following error message comes up on the basket page upon checkout.

 

The following errors were detected:

• Error: Security header is not valid Security error

I notice there have been posts regarding this in the past but with no real answers.

 

Please help if you can!

Thanks

[Dirty Butter]

Not sure if this is part of your problem or not, but it is a good idea to make all skin template URL's relative when you use SSL. In other words, if you have something like an EXAMPLE link on your site - change the url in your code from http://EXAMPLE.xxx to //EXAMPLE.xxx.
 
I went through every skin template page to get rid of some security messages. But I did it so long ago I don't remember what error messages I was seeing way back when.

[Al Brookbanks]

What version of CubeCart are you on?

[Ggib]

Version 5.2.7 - I think! Not sure where I can double check.

[Dirty Butter]

The Store Overview tab on the Dashboard should confirm your version. I'm pretty sure that tab has been there from quite some time.

[Al Brookbanks]

According to PayPal this is because your API credentials are wrong. Your store has error code 10002.

 

Reference: https://developer.paypal.com/webapps/developer/docs/classic/api/errorcodes/ 

[Ggib]

Hi,

I have now tested the site using Sandbox, (both on Paypal & Cubecart) and it works fine.

On reloading the Live API credentials supplied by Paypal however, we are still getting the same error code. Could something else be going on?

I have also noticed that on the plugins Paypal input page there is now an extra option by the 'Express Button Checkout Action' - "Redirect to Paypal" which was not there before.  Before I raised this error message issue the only option there was "Inline (Lightbox Overlay)". I was hoping that, as this action finally made sense, it might solve the problem but obviously not.

We have also been given an App ID from Paypal but I cannot see anywhere this needs to be input on Cubecart. Is it needed and if so, where do I input it?

Any opinions on this really frustrating problem would be gratefully accepted!

 

Thanks.

[Al Brookbanks]

We worked closely with PayPal to develop the inline integration. This loaded a PayPal login window over your store in a modal window without redirecting to paypal. The integration worked really well but PayPal decided to axe it. I think because if it were faked with cross site scripting it would be harder to detect by the consumer. Which ever you choose CubeCart will take the old redirect method so this setting can just be ignored. We need to remove it for the next release.

Back to the issue in hand. If sandbox works then live should too if you are 100% sure the API details are right then PayPal need to check your account is active and setup correctly.

[Ggib]

will check with them again.

what is the App ID and is it needed?

[Al Brookbanks]

No the app id isn't needed. API username, signature and password.

[firetrader]

Hi All
I just activated this with Paypal as well and I am also getting 

• Error: Security header is not valid Security error

I'm on v5.2.12

We have updated all API details and confirmed with Paypal that these are correct.
We have verified under manage 3rd Party at Paypay which has verified Ezimerchant

We have check all options and treid options and still getting the error
Any Ideas

[Ggib]

We had the same problem for ages - double check you're API details again - we had misread a lower case L (l) for a capital i (I) !! As you can see they both look identical!

Hope this helps.