[ic] SSL and dropped baskets
Lyn St George
interchange-users@icdevgroup.org
Mon Apr 7 16:01:01 2003
On Mon, 7 Apr 2003 10:14:36 -0400, Mike Heins wrote:
>Quoting Lyn St George (lyn@zolotek.net):
>> Hallo
>> I've just found that going from http://www.yourdomain.com
>> to https://secure.yourdomain.com results in the same loss of
>> basket contents. The documented fix for this is to add:
>> CookieDomain .yourdomain.com
>> to catalog.cfg.
>
>It absolutely should not unless the path is different and Mall
>is set to "Yes" in interchange.cfg.
Checking this shows that 'Mall Yes' was the main culprit. It also
seems to be browser dependant: on Mozilla 1.3 and Opera 5
this works properly as you say it should; but on Netscrape4.61
it will not work. (though none of this showed in the archives
for me )
>> Testing this with IC 4.9.6 and Perl 5.6.1 on RHLinux (and also
>> IC4.9.6 with Perl 5.8.0 on OS/2) it no longer works. Indeed, IC
>> now generates a new cookie for every page access.
>>
>> A simple fix is to add the following line to lib/Vend/Server.pm
>> $domain = $CGI::server_name;
>> just after:
>> sub create_cookie {
>> my ($domain,$path) = @_;
>>
>> This ensures that $domain is only the domain name without
>> any host prepended to it.
>>
>> Please note that this has not been extensively tested (nor is
>> it particularly elegant) so there is the possibility that it may
>> break something else. Any thoughts anyone?
>>
>
>It will break on upgrade, obviously.
>
>Probably you are running into a "Mall Yes" setting in interchange.cfg.
>
>But thinking about this a bit, I don't think we need to honor "Mall"
>if CookieDomain is set. There is no need to set paths if you want
>the cookie to go to a specific domain.
>
>So I have made this patch to the latest CVS:
>
>--- old/lib/Vend/Server.pm Sat Mar 29 15:31:46 2003
>+++ new/lib/Vend/Server.pm Mon Apr 7 10:06:46 2003
>@@ -535,13 +535,13 @@
>
> my @domains;
> @domains = ('');
>+ my @paths;
>+ @paths = ('/');
>+
> if ($Vend::Cfg->{CookieDomain}) {
> @domains = split /\s+/, $Vend::Cfg->{CookieDomain};
> }
>-
>- my @paths;
>- @paths = ('/');
>- if($Global::Mall) {
>+ elsif($Global::Mall) {
> my $ref = $Global::Catalog{$Vend::Cat};
> @paths = ($ref->{script});
> push (@paths, @{$ref->{alias}}) if defined $ref->{alias};
>
>I think that should solve any problems in this regartd. It would be nice
>if you report back about it, but I am fairly confident.
Yes it works - setting both CookieDomain and 'Mall Yes' but using this
patch it works just the same as without the patch and without 'Mall Yes'
as noted above. Thanks:/
>--
>Mike Heins
>Perusion -- Expert Interchange Consulting http://www.perusion.com/
>phone +1.513.523.7621 <mike@perusion.com>
>
>Any man who is under 30, and is not liberal, has not heart; and any man
>who is over 30, and is not a conservative, has not brains.
> -- Winston Churchill
>_______________________________________________
>interchange-users mailing list
>interchange-users@icdevgroup.org
>http://www.icdevgroup.org/mailman/listinfo/interchange-users
>
-
Cheers
Lyn St George
+---------------------------------------------------------------------------------
+ http://www.zolotek.net .. eCommerce hosting, consulting
+ http://www.os2docs.org .. some 'How To' stuff ...
+----------------------------------------------------------------------------------