Dev Catches Silent Webhook Bug That Would Have Blocked Most Indonesian E-Commerce Payments
A developer building a Midtrans payment integration for an e-commerce project discovered a critical bug in the webhook handler that would have silently failed all non-card transactions, including QRIS and bank transfers. The flaw stemmed from a fraud status check that required the value 'accept', while non-card payment methods can return a null fraud status since Midtrans' Fraud Detection System does not apply to them. In Indonesia, non-card methods typically account for the majority of e-commerce transactions, making the bug particularly impactful. The developer caught the issue by carefully re-reading official Midtrans documentation on transaction statuses and fraud detection after initially considering the code complete. The fix involved updating the condition to treat both null and 'accept' fraud statuses as valid for marking a payment as successful.
This is an AI-generated summary. ShortSingh links to the original source for the complete article.
Discussion (0)
Log in to join the discussion and vote.
Log in