diff --git a/BTCPayServer/Views/Apps/UpdatePointOfSale.cshtml b/BTCPayServer/Views/Apps/UpdatePointOfSale.cshtml index 3c2f82cc8..766def9b6 100644 --- a/BTCPayServer/Views/Apps/UpdatePointOfSale.cshtml +++ b/BTCPayServer/Views/Apps/UpdatePointOfSale.cshtml @@ -57,7 +57,7 @@
url field, this can be spoofed to use attacker's server.GET request to the invoice's url with Content-Type: application/jsonGET request to the invoice's url with Content-Type: application/jsonorderId is from your backend, that the price is correct and that status is either confirmed or complete