by adjwilli 5082 days ago
I totally agree, the best practice is to validate transactions before delivering content.

It wasn't clear from the article if the method could bypass that. It would have to provide valid transaction ids to the app developer's server. That seems a little too sophisticated or impossible, so you're probably right.

I guess we should really just be surprised this wasn't done sooner.

2 comments

>It wasn't clear from the article if the method could bypass that. It would have to provide valid transaction ids to the app developer's server.

Even if this method does manage to bypass Apple's validation, then it is Apple's problem and they will fix it quickly. But it is much more likely that developers just haven't bothered to validate receipts.

This has already been done in the form of a tweak for jailbroken devices. This only brings it to unjailbroken devices.