Settings for the redirect page (callback_redirect)

General requirements

• Callbacks often fail because of caching services. You should disable caching services like CloudFlare, Varnish, etc.

• All image, link, stylesheet, and form elements must use double quotes for attributes. For example
  

  <img href="image.png"/>

• To prevent fraud attempts, the callback page must not accept traffic from any source but AltaPay's gateway. AltaPay's outgoing IP address is 185.206.120.0/24(ipv6: 2a10:a200::/29). You can do this, for example, using the following .htaccess file: 

  order deny,allow
  deny from all
  allow from <valid outgoing IP address>

• Encode the page using UTF-8, or use HTML entities.

• The maximum size for resources, for example, HTML, images, or CSS Files is 2 MB.

• Resources must have the appropriate content type. See Supported Resource Content Types.

• Verify that all parameters posted to the callback page are accurate to ensure that a fraud attempt has not been made.

• Callback URLs must only use ports 443 and 80.

Specific requirements for the redirect page (callback_redirect)

• Your payment page must contain a single div element with id PensioPaymentForm, <div id="PensioRedirectForm">, for example:

  • <div id="PensioRedirectForm">
    	All content in here will be replaced by the actual redirect form
    </div>

• The <div> element must not be placed in a <form> element.
• There can be other <div> elements on the page.