We need ‘redirect only’ because we generate content and need the request to be a “direct connection” between the user and our script. The script performs all the security we need to prevent the URL from being abused. We make sure the user is currently logged into WooCommerce, they have an order that contains the product, that it hasn’t been refunded, we get extra attributes from the order to complete the generation of the download, etc.
Please don’t remove the ‘redirect only’ as our particular download functionality requires it. We love WooCommerce but this would be fatal to our store!
If you don’t plan to remove it, could you possibly change it from “deprecated” to something like “not secure/not recommended”. I know that technically “deprecated” means that it is discouraged but in the computer world it usually means that you can expect to have it removed soon! Or maybe leave it as “deprecated” and mention in the documentation that removal is not currently planned but it’s use is highly discouraged unless you know what you are doing because it circumvents the security that WooCommerce would normally provide for you.
Thanks @peterfabian1000
