[ic] SSL and dropped baskets
Mike Heins
interchange-users@icdevgroup.org
Mon Apr 7 18:14:01 2003
Quoting Lyn St George (lyn@zolotek.net):
> On Mon, 7 Apr 2003 10:14:36 -0400, Mike Heins wrote:
>
> >Quoting Lyn St George (lyn@zolotek.net):
[snip]
> >> A simple fix is to add the following line to lib/Vend/Server.pm
> >> $domain = $CGI::server_name;
> >> just after:
> >> sub create_cookie {
> >> my ($domain,$path) = @_;
> >>
> >> This ensures that $domain is only the domain name without
> >> any host prepended to it.
> >>
> >> Please note that this has not been extensively tested (nor is
> >> it particularly elegant) so there is the possibility that it may
> >> break something else. Any thoughts anyone?
> >>
> >
> >It will break on upgrade, obviously.
> >
> >Probably you are running into a "Mall Yes" setting in interchange.cfg.
> >
> >But thinking about this a bit, I don't think we need to honor "Mall"
> >if CookieDomain is set. There is no need to set paths if you want
> >the cookie to go to a specific domain.
> >
> >So I have made this patch to the latest CVS:
> >
> >--- old/lib/Vend/Server.pm Sat Mar 29 15:31:46 2003
> >+++ new/lib/Vend/Server.pm Mon Apr 7 10:06:46 2003
> >@@ -535,13 +535,13 @@
> >
> > my @domains;
> > @domains = ('');
> >+ my @paths;
> >+ @paths = ('/');
> >+
> > if ($Vend::Cfg->{CookieDomain}) {
> > @domains = split /\s+/, $Vend::Cfg->{CookieDomain};
> > }
> >-
> >- my @paths;
> >- @paths = ('/');
> >- if($Global::Mall) {
> >+ elsif($Global::Mall) {
> > my $ref = $Global::Catalog{$Vend::Cat};
> > @paths = ($ref->{script});
> > push (@paths, @{$ref->{alias}}) if defined $ref->{alias};
> >
> >I think that should solve any problems in this regartd. It would be nice
> >if you report back about it, but I am fairly confident.
>
> Yes it works - setting both CookieDomain and 'Mall Yes' but using this
> patch it works just the same as without the patch and without 'Mall Yes'
> as noted above. Thanks:/
Thanks for testing. I have committed the patch, and I hope it doesn't
break anyone. I don't *think* it should, but if someone has two
catalogs on the same domain name and someone enters both it conceivably
could...
--
Mike Heins
Perusion -- Expert Interchange Consulting http://www.perusion.com/
phone +1.513.523.7621 <mike@perusion.com>
Experience is what allows you to recognize a mistake the second
time you make it. -- unknown