[ic] SSL and dropped baskets

Mike Heins interchange-users@icdevgroup.org
Mon Apr 7 18:14:01 2003 

Quoting Lyn St George (lyn@zolotek.net):
> On Mon, 7 Apr 2003 10:14:36 -0400, Mike Heins wrote:
> 
> >Quoting Lyn St George (lyn@zolotek.net):
[snip]
> >> A simple fix is to add the following line to lib/Vend/Server.pm
> >> 	$domain = $CGI::server_name;
> >> just after:
> >> 	sub create_cookie {
> >> 	my ($domain,$path) = @_;
> >> 
> >> This ensures that $domain is only the domain name without
> >> any host prepended to it.
> >> 
> >> Please note that this has not been extensively tested (nor is 
> >> it particularly elegant) so there is the possibility that it may 
> >> break something else. Any thoughts anyone?
> >> 
> >
> >It will break on upgrade, obviously.
> >
> >Probably you are running into a "Mall Yes" setting in interchange.cfg.
> >
> >But thinking about this a bit, I don't think we need to honor "Mall"
> >if CookieDomain is set. There is no need to set paths if you want
> >the cookie to go to a specific domain. 
> >
> >So I have made this patch to the latest CVS:
> >
> >--- old/lib/Vend/Server.pm	Sat Mar 29 15:31:46 2003
> >+++ new/lib/Vend/Server.pm	Mon Apr  7 10:06:46 2003
> >@@ -535,13 +535,13 @@
> > 
> > 		my @domains;
> > 		@domains = ('');
> >+		my @paths;
> >+		@paths = ('/');
> >+
> > 		if ($Vend::Cfg->{CookieDomain}) {
> > 			@domains = split /\s+/, $Vend::Cfg->{CookieDomain};
> > 		}
> >-
> >-		my @paths;
> >-		@paths = ('/');
> >-		if($Global::Mall) {
> >+		elsif($Global::Mall) {
> > 			my $ref = $Global::Catalog{$Vend::Cat};
> > 			@paths = ($ref->{script});
> > 			push (@paths, @{$ref->{alias}}) if defined $ref->{alias};
> >
> >I think that should solve any problems in this regartd. It would be nice
> >if you report back about it, but I am fairly confident.
> 
> Yes it works - setting both CookieDomain and 'Mall Yes' but using this
> patch it works just the same as without the patch and without 'Mall Yes' 
> as noted above. Thanks:/

Thanks for testing. I have committed the patch, and I hope it doesn't
break anyone. I don't *think* it should, but if someone has two
catalogs on the same domain name and someone enters both it conceivably
could...

-- 
Mike Heins
Perusion -- Expert Interchange Consulting    http://www.perusion.com/
phone +1.513.523.7621      <mike@perusion.com>

Experience is what allows you to recognize a mistake the second
time you make it. -- unknown