URGENT - newest s2member kills paypal IPN Redirection!

Since the newest update my IPN Payment notifications are not arriving. What was changed?

The problem does not exist when the IPN points to:
https://domain.com/?s2member_paypal_notify=1

However those IPN notifications are failing:
http://domain.com/?s2member_paypal_notify=1
— permantent redirect to https://domain.com/?s2member_paypal_notify=1
— temporary redirect to http://domain.com/?s2member_paypal_notify=1
and looping till 302…ERR_TOO_MANY_REDIRECTS

I do those redirects with standard nginx rules - they always worked. Something in s2member changed that messes up these redirects.
Downgrading solved it.

It’s not only http to https, but I also have several languages so I have all of theese failing:
https://www.velomap.org/de/?s2member_paypal_notify=1 http://openmtbmap.org/?s2member_paypal_notify=1 https://openmtbmap.org/de/?s2member_paypal_notify=1 https://openmtbmap.org/it/?s2member_paypal_notify=1 https://openmtbmap.org/?s2member_paypal_notify=1

Here are my nginx rewrite rules:

location = /de/ {
if ( $arg_s2member_paypal_notify ) {
rewrite ^ / permanent; }

if ( $arg_s2member_pro_stripe_notify ) { 
rewrite ^ / permanent; 	}

try_files $uri $uri/ /index.php?$args;
}


location = /it/ { 
if ( $arg_s2member_paypal_notify ) { 
rewrite ^ / permanent; 	}
if ( $arg_s2member_pro_stripe_notify ) { 
rewrite ^ / permanent; } 

try_files $uri $uri/ /index.php?$args;
}

server {
listen 80 default_server;
# listen [::]:80 default_server; # Removed due to s2 bugs related to ipv6
server_name openmtbmap.org wwww.openmtbmap.org 5.9.122.70 176.9.136.135;
return 301 https://$host$request_uri;
}

This has always worked - and the rules are correct according to nginx. The http/https forwarding problem will hit all users of s2member who use it since a long time when https was not common. The language redirect is of course more specific but it’s the same problem.

I have loads of redirects and I use NGinx too. Oh my.

Thanks for the warning!

It’s about IPN redirects, not redirects per se. And those matter if you have several languages or if you have subscriptions from non https: times. It’s still very bad and really needs to be fixed.