I wonder what's the right strategy to secure the status-update-notification endpoint on server.
Apparently the payloads that Apple send can be crafted. It's possible to verify each received receipt on each status update.
However I don't know if CANCEL event (which I never witnessed) contains any receipt at all. The previously saved receipt can be used but I am not sure that Apple will even verify it since cancelled transactions should be treated as if they never happened but may only be a figure of speech.
Thoughts?
