Skip to content

[Backport to release/10.7] PayPal Standard: Fix webhook handling for invalid links#63886

Merged
Mayisha merged 2 commits intorelease/10.7from
cherry-pick-PR63834-to-release/10.7
Mar 27, 2026
Merged

[Backport to release/10.7] PayPal Standard: Fix webhook handling for invalid links#63886
Mayisha merged 2 commits intorelease/10.7from
cherry-pick-PR63834-to-release/10.7

Conversation

@woocommercebot
Copy link
Copy Markdown
Collaborator

@woocommercebot woocommercebot commented Mar 26, 2026

This PR is a cherry-pick of #63834 to release/10.7.

Original PR Description

Submission Review Guidelines:

Changes proposed in this Pull Request:

  • resource.links is normalized before calling authorize_or_capture_payment(). Missing links defaults to an empty array. This avoids a PHP TypeError from the strict array $links parameter.
  • The webhook REST callback now uses a catch ( \Throwable $e ) instead of Exception. All failures (including Exception and Error / TypeError) are logged with WC_Gateway_Paypal::log() and return a consistent JSON error response with HTTP 500, so webhook processing failures are observable in logs and no longer rely on only catching Exception.

Closes WOO6-49

How to test the changes in this Pull Request:

  • Code review should be sufficient.

Milestone

Note: Check the box above to have the milestone automatically assigned when merged.
Alternatively (e.g. for point releases), manually assign the appropriate milestone.

Changelog entry

  • Automatically create a changelog entry from the details below.
  • This Pull Request does not require a changelog entry. (Comment required below)
Changelog Entry Details

Significance

  • Patch
  • Minor
  • Major

Type

  • Fix - Fixes an existing bug
  • Add - Adds functionality
  • Update - Update existing functionality
  • Dev - Development related task
  • Tweak - A minor adjustment to the codebase
  • Performance - Address performance issues
  • Enhancement - Improvement to existing functionality

Message

Fix PayPal Standard webhook handling for invalid links.

Changelog Entry Comment

Comment

@Mayisha @woocommercebot
PayPal Standard: Fix webhook handling for invalid links (#63834)
2756aca 
* catch throwable

* type safety for links array

* remove exception

* Add changefile(s) from automation for the following project(s): woocommerce

* fix lint

* return generic message
@woocommercebot woocommercebot requested a review from Mayisha March 26, 2026 18:41
@github-actions github-actions Bot added this to the 10.7.0 milestone Mar 26, 2026
@github-actions github-actions Bot added the plugin: woocommerce Issues related to the WooCommerce Core plugin. label Mar 26, 2026
@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented Mar 26, 2026

Testing Guidelines

Hi @Mayisha ,

Apart from reviewing the code changes, please make sure to review the testing instructions (Guide) and verify that relevant tests (E2E, Unit, Integration, etc.) have been added or updated as needed.

Reminder: PR reviewers are required to document testing performed. This includes:

  • 🖼️ Screenshots or screen recordings.
  • 📝 List of functionality tested / steps followed.
  • 🌐 Site details (environment attributes such as hosting type, plugins, theme, store size, store age, and relevant settings).
  • 🔍 Any analysis performed, such as assessing potential impacts on environment attributes and other plugins, conducting performance profiling, or using LLM/AI-based analysis.

⚠️ Within the testing details you provide, please ensure that no sensitive information (such as API keys, passwords, user data, etc.) is included in this public issue.

@woocommercebot woocommercebot mentioned this pull request Mar 26, 2026
Merged
13 tasks
@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented Mar 26, 2026
edited
Loading

Test using WordPress Playground

The changes in this pull request can be previewed and tested using a WordPress Playground instance.
WordPress Playground is an experimental project that creates a full WordPress instance entirely within the browser.

Test this pull request with WordPress Playground.

Note that this URL is valid for 30 days from when this comment was last updated. You can update it by closing/reopening the PR or pushing a new commit.

@Mayisha Mayisha merged commit 4ec1ea8 into release/10.7 Mar 27, 2026
92 of 94 checks passed
@Mayisha Mayisha deleted the cherry-pick-PR63834-to-release/10.7 branch March 27, 2026 04:16
@github-actions github-actions Bot added the metric: feature freeze exception A tracking label for PRs that were merged after the feature freeze. label Mar 27, 2026
@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented Mar 27, 2026

⚠️ API Documentation Reminder

Hi @woocommercebot! Your PR contains REST API changes. Please consider updating the REST API documentation if your changes affect the public API.

Changed API files:

plugins/woocommerce/includes/rest-api/Controllers/Version3/class-wc-rest-paypal-webhooks-controller.php

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Mayisha Mayisha Mayisha approved these changes

Assignees

@Mayisha Mayisha

Labels

metric: feature freeze exception A tracking label for PRs that were merged after the feature freeze. plugin: woocommerce Issues related to the WooCommerce Core plugin.

Projects

None yet

Milestone

10.7.0

Development

Successfully merging this pull request may close these issues.

2 participants

@woocommercebot @Mayisha