Please read for an updated status on RailsCasts:
Learn more or hide this
GitHub User: dkrich
First off, thanks so much for Railscasts- I don't know where I'd be without these!
Quick question- what is your take on the security of calling the PayPal url builder that you put in the cart model from a controller and just calling that action from the view to create the url, as opposed to sending the url directly to PayPal via hidden fields in a form?
I am trying to do the former, and it is working fine, and to the best of my knowledge, can't be viewed through a browser the way a hard-coded url can. I am still going to try and use encrypted data, but wanted to get your opinion on this method...
Thanks so much for all your hard work!