Added documentation about referrer field at Authorize.Net

[Business-OnlinePayment-AuthorizeNet.git] / AuthorizeNet.pm

diff --git a/AuthorizeNet.pm b/AuthorizeNet.pm
index 63e2b6f..40c01d9 100644 (file)
--- a/AuthorizeNet.pm
+++ b/AuthorizeNet.pm
@@ -1,6 +1,6 @@
 package Business::OnlinePayment::AuthorizeNet;
 
-# $Id: AuthorizeNet.pm,v 1.13 2002-08-14 00:09:11 ivan Exp $
+# $Id: AuthorizeNet.pm,v 1.14 2002-08-16 06:53:28 ivan Exp $
 
 use strict;
 use Carp;
@@ -238,6 +238,13 @@ Unlike Business::OnlinePayment or pre-3.0 verisons of
 Business::OnlinePayment::AuthorizeNet, 3.1 requires separate first_name and
 last_name fields.
 
+Business::OnlinePayment::AuthorizeNet uses the ADC direct response method,
+and sends a username and password with every transaction.  Therefore,
+Authorize.Net's referrer "security" is not necessary.  In your Authorize.Net
+interface at https://secure.authorize.net/ make sure the list of allowable
+referers is blank.  Alternatively, set the B<referer> field in the transaction
+content.
+
 To settle an authorization-only transaction (where you set action to
 'Authorization Only'), submit the nine-digit transaction id code in
 the field "order_number" with the action set to "Post Authorization".