Recently i tried to integrate frappe with our payment gateway and achieve at checkout process. But the problem is that, how to handle the return url from the payment gateway that is using http post protocol? do you have any advice to this issue? or any work around?
What i see in frappe is that, all http request will be validated in frappe.local.http_request = frappe.auth.HTTPRequest(), inside this method there is self.validate_csrf_token() that will force all requests to validate its csrf token except for mobile and ignore_csrf (globally).
There is no way to exclude http request selectively for certain cases. I would imagine if we can do like decorator @frappe.ignore_csrf()
after disabling csrf globally, then my return_url from payment gateway is now working.
for the time being, the solution is to add "ignore_csrf":true inside site_config.json