I very much wanted to buy a license to use the ISPConfig Migration Tool. Unfortunately when I click the BUY NOW button it does not redirect securely to Paypal's website with the invoice filled but remains on your own www{dot}ispconfig{dot}org domain and embeds what looks like a paypal login in an IFRAME. The Form Action though is relative to the IFRAME src which is not being fetched from paypal.com. Can you assuage my fear that this is not sa safe or secure means of payment? {additional for those worried by this} I tried a few options on that form without giving over my credentials and found that, clicking the "trouble logging in link" and then hitting the back button allows the page to fully redirect to paypal and payment to be made there securely.
As prompted, non-too gallatly above, tried again with a browser that lacks a popup blocker. This time popup window opens direct from paypal. Still bad practice as most users now block arbitrary popup/popunder windows because of advertizing/malware abuse, some browsers even by default.
I agree that this is not really good at the moment that you see our domain instead the one from paypal in the URL bar in case you use a popup blocker as the page that is shown is indeed from Paypal and not from us. I don't remember that it was like this in the past, the shopping cart we use is from sendowl and they must have changed something in their code, I'll talk with them if they can change that back in their code. I guess they use an iframe or similar to load the Paypal page without changing the URL.
