Post by HAO » Mon Mar 16, 2020 2:35 pm

Recently my payment gateway module failed to complete the checkout correctly. After contacting the payment gateway module company, it may be related to the support of iOS12 devices.

A technician from the payment gateway company told me that I had to modify the relevant code, but I don't know how to start. Can anyone help me? Thank you very much!

References:
Chrome 80 default SameSite=Lax
https://medium.com/@azure820529/chrome- ... ba0bc785a3
https://www.chromestatus.com/feature/5088147346030592
https://www.opencart.com/forum/viewtopi ... 20&t=87607
https://www.ithome.com.tw/news/133796

HAO
Active Member

Posts

Joined
Fri Jun 03, 2011 2:52 pm

Post by HAO » Mon Mar 23, 2020 8:11 pm

Can anyone tell me how to solve this?

Because it's very troublesome for me, I need to fix this!

Please help me, thanks!

Post by ADD Creative » Mon Mar 23, 2020 8:33 pm

You need to provide more information as to what the problem is. Which cookie needs to be accessed from a third-party domain? It's probably related to your payment gateway.

www.add-creative.co.uk


Expert Member

Posts

Joined
Sat Jan 14, 2012 1:02 am
Location - United Kingdom

Post by HAO » Mon Mar 23, 2020 8:49 pm

Thanks for your reply!

I think this is the information I can provide. Dear Sir, can you test for me?

https://github.com/GoogleChromeLabs/sam ... -601984395

My Payment Gateway Module:
https://www.ecpay.com.tw/Service/Appcntr_Shpcar

Thank you!

Post by ADD Creative » Mon Mar 23, 2020 10:19 pm

Have you cleared all your browser cookies or tested in incognito mode?

Post by HAO » Mon Mar 23, 2020 10:27 pm

I did not find the problem in Firefox. In fact, I use Google Chrome without any problems.

However, there are still a few customers who report such problems to us. I don't know why this happens.

But according to what my payment gateway company told me, this is related to issues and SameSite, and they can't help me...

Can you perform related tests for me?

Thank you!

Post by ADD Creative » Tue Mar 24, 2020 1:27 am

As far as I can tell it worked OK. The only third-party cookie I could see was one for Google. This was correctly set with SameSite = None and Secure. There were no messages in the console about blocked third-party cookies.

Try getting your customers to clear their cookies. It could be that they have the cookies without the SameSite attribute and it's not getting updated.

Post by HAO » Tue Mar 24, 2020 12:29 pm

So you mean I don't need to make any changes to OpenCart and my payment gateway module; I just need to notify the customer, and asking him to clear his browser's cookies can solve this problem?

Do you mean that?

Post by ADD Creative » Tue Mar 24, 2020 6:53 pm

Yes.

Post by HAO » Fri Apr 03, 2020 11:27 am

I have been informed and tested by other friends. I confirm that my payment module does not support SameSite correctly.

My test steps:
Enter in the URL bar of Chrome: chrome://flags/ and search "SameSite"

Enable the following experiments:
SameSite by default cookies
Cookies without SameSite must be secure

After that, use my payment gateway module and select the payment method of "Shop Pickup Payment"

He found during testing that when he chose this payment method to complete the checkout process, the shopping cart items were emptied.

My friend told me this is a problem with the payment gateway module, but I don't know how to fix it.

Can you confirm my new link for me?
https://github.com/GoogleChromeLabs/sam ... -608208347

-----------------

I referenced some articles
https://github.com/GoogleChromeLabs/sam ... ter/php.md
https://stackoverflow.com/questions/581 ... nhHqatooYI

A friend in Taiwan said that I wanted to put these codes in a cookie-related file:

Code:

2.3.0.2-compiled/upload/catalog/controller/extension/module/amazon_login.php(10): setcookie('amazon_Login_state_cache', '', time() - 4815162342);
2.3.0.2-compiled/upload/catalog/controller/extension/module/amazon_login.php(195): setcookie('amazon_Login_state_cache', '', time() - 4815162342);
2.3.0.2-compiled/upload/catalog/controller/extension/module/amazon_pay.php(10): setcookie('amazon_Login_state_cache', '', time() - 4815162342);
2.3.0.2-compiled/upload/catalog/controller/extension/module/amazon_pay.php(217): setcookie('amazon_Login_state_cache', '', time() - 4815162342);
2.3.0.2-compiled/upload/catalog/controller/startup/startup.php(96): setcookie('language', $code, time() + 60 * 60 * 24 * 30, '/', $this->request->server['HTTP_HOST']);
2.3.0.2-compiled/upload/catalog/controller/startup/startup.php(124): setcookie('tracking', $this->request->get['tracking'], time() + 3600 * 24 * 1000, '/');
2.3.0.2-compiled/upload/catalog/controller/startup/startup.php(156): setcookie('currency', $code, time() + 60 * 60 * 24 * 30, '/', $this->request->server['HTTP_HOST']);
2.3.0.2-compiled/upload/system/library/session.php(50): setcookie($key, $this->session_id, ini_get('session.cookie_lifetime'), ini_get('session.cookie_path'), ini_get('session.cookie_domain'), ini_get('session.cookie_secure'), ini_get('session.cookie_httponly'));
2.3.0.2-compiled/upload/system/library/session.php(77): setcookie($key, '', time() - 42000, ini_get('session.cookie_path'), ini_get('session.cookie_domain'));

In simple terms, he asked me to add the following code to these files:

setcookie('key', 'value', time()+(7*24*3600), "/; SameSite=None; Secure");

Specifically, what should I do?

Post by ADD Creative » Fri Apr 03, 2020 7:52 pm

See https://github.com/GoogleChromeLabs/sam ... ter/php.md for how to add same site to PHP setcookie. It's easiest if you are using PHP 7.3+.

However, apart from maybe the language and currency, I can't think why your payment gateway module would need access to those cookies you listed. The problem more likely lies with the payment gateway module, which you will need to get the author to fix.

Post by HAO » Fri Apr 03, 2020 7:58 pm

My cPanel can switch to PHP 7.3, so this is no problem.

But the important thing is, assuming my environment is already PHP 7.3, how can I apply the modifications to the OpenCart 2.3.0.2 file according to that article?

Anyway, my payment gateway module company is unwilling to help me. I have to solve this problem by myself, but I don't have the ability to program.

So I need a clear modification step. Can you help me?

Post by webit » Sun Apr 05, 2020 8:09 pm

The problem is that OpenCart should set a session cookie using a new attribute for samesite / secure (example samesite=None, Secure=true), otherwise Chrome will abort the cookie. In case a payment system is used that uses redirection and in case the customer takes over 2 minutes to finalize the payment, the customer session is lost when the customer returns to the store. The needed cookie attributes are only supported from PHP 7.3 (with the set_cookie function); in other cases the payment gateway providers should make a quick fix to prevent this problem, or an override should be made for OpenCart (although OpenCart should come up with a solution, in my opinion). Chrome is implementing this gradually, so you might not experience this problem at the moment. You can test by setting the samesite cookie configuration in your Chrome browser as explained at https://www.ghacks.net/2020/02/05/chrom ... -upgrades/

Newbie

Posts

Joined
Thu Jan 05, 2012 7:02 pm

Post by HAO » Sun Apr 05, 2020 8:25 pm

So you mean my payment gateway module company must solve this problem for me, right?

Anyway, I have installed PHP 7.3 now. I need to be able to solve this problem with modification steps I can understand.

Open file, Search, Replace (or add code above or below)

Can anyone tell me what to do?

Because my payment gateway is really hard to do for me, if it is the part that OpenCart can handle, I hope to get your help.

Thank you!

Post by ADD Creative » Sun Apr 05, 2020 9:17 pm

You need to change all the setcookie calls to the 2nd format by putting options in an array.
https://www.php.net/manual/en/function.setcookie.php

So

Code:

setcookie('currency', $code, time() + 60 * 60 * 24 * 30, '/', $this->request->server['HTTP_HOST']);

Becomes

Code:

setcookie('currency', $code, ['expires' => time() + 60 * 60 * 24 * 30, 'path' => '/', 'domain' => $this->request->server['HTTP_HOST'], 'samesite' => 'None', 'secure' => true]);

I wouldn't bother doing the Amazon cookies unless you are using the Amazon login or pay. I'd be wary of doing the session cookies, unless you have to, as one of the reasons for changing the default of SameSite was to protect cookies such as the session cookie.

Post by HAO » Mon Apr 06, 2020 2:12 am

Thank you for your reply!

Because someone told me that I only need to search and change the code for the following keywords:

Code:

setcookie('

So you mean I just need to modify these two codes?

Code:

setcookie('language', $code, time() + 60 * 60 * 24 * 30, '/', $this->request->server['HTTP_HOST']);

and

Code:

setcookie('currency', $code, time() + 60 * 60 * 24 * 30, '/', $this->request->server['HTTP_HOST']);

Because I don't need to use Amazon, I should not need to modify this file, but how do I modify other files?

Thank you!

Post by ADD Creative » Tue Apr 07, 2020 1:20 am

Yes, change those two lines with setcookie first and the tracking one. If that doesn't help, you have to look at changing the setcookie lines in system/library/session.php as well.

Post by HAO » Tue Apr 07, 2020 1:28 am

I have modified the file, but the error warning still exists.

What should I do next?

Post by ADD Creative » Tue Apr 07, 2020 6:18 pm

What files have you changed so far? What warnings are you still getting? What cookies and flags do you see in your web browser's development tool?

Post by HAO » Tue Apr 07, 2020 6:37 pm

Thank you very much for the help of ADD Creative. I seem to have solved this problem!

Thank you!

Open file:
upload/catalog/controller/startup/startup.php

Found

Code:

setcookie('currency', $code, time() + 60 * 60 * 24 * 30, '/', $this->request->server['HTTP_HOST']);

Replace

Code:

setcookie('currency', $code, ['expires' => time() + 60 * 60 * 24 * 30, 'path' => '/', 'domain' => $this->request->server['HTTP_HOST'], 'samesite' => 'None', 'secure' => true]);

Found

Code:

setcookie('language', $code, time() + 60 * 60 * 24 * 30, '/', $this->request->server['HTTP_HOST']);

Replace

Code:

setcookie('language', $code, ['expires' => time() + 60 * 60 * 24 * 30, 'path' => '/', 'domain' => $this->request->server['HTTP_HOST'], 'samesite' => 'None', 'secure' => true]);

Open file:
upload/system/library/session.php

Found

Code:

setcookie($key, $this->session_id, ini_get('session.cookie_lifetime'), ini_get('session.cookie_path'), ini_get('session.cookie_domain'), ini_get('session.cookie_secure'), ini_get('session.cookie_httponly'));

Replace

Code:

setcookie($key, $this->session_id, ['expires' => ini_get('session.cookie_lifetime'), 'path' => ini_get('session.cookie_path'), 'domain' => ini_get('session.cookie_domain'), 'samesite' => 'None', 'secure' => true, 'httponly' => ini_get('session.cookie_httponly')]);

Found

Code:

setcookie($key, '', time() - 42000, ini_get('session.cookie_path'), ini_get('session.cookie_domain'));

Replace

Code:

setcookie($key, '', ['expires' => time() - 42000, 'path' => ini_get('session.cookie_path'), 'domain' => ini_get('session.cookie_domain'), 'samesite' => 'None', 'secure' => true]);

Last edited by HAO on Wed Apr 08, 2020 2:14 pm, edited 2 times in total.

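
An added example, not code from this thread or from OpenCart: one way to apply SameSite=None only to the cookies that must survive the cross-site return from a payment gateway, keep Lax on the rest, and skip the attribute for the iOS 12 clients mentioned in the first post. The function names are hypothetical, and the user-agent patterns are an assumption modelled on the Chromium project's list of SameSite=None-incompatible clients, narrowed to iOS 12, Safari on macOS 10.14 and Chrome 51-66.

```php
<?php
// Added example; function names are hypothetical, not OpenCart APIs.

// False for clients that mishandle SameSite=None: iOS 12 and Safari on
// macOS 10.14 treat it as Strict, Chrome 51-66 rejects the cookie.
function samesite_none_is_safe(string $ua): bool
{
    if (preg_match('/\(iP.+; CPU .*OS 12[_\d]*.*\) AppleWebKit\//', $ua)) {
        return false; // all iOS 12 browsers share the affected WebKit
    }
    if (preg_match('/Chrom(e|ium)\/(\d+)/', $ua, $m)) {
        return !((int) $m[2] >= 51 && (int) $m[2] <= 66);
    }
    $mac1014 = preg_match('/\(Macintosh;.*Mac OS X 10_14[_\d]*.*\) AppleWebKit\//', $ua);
    $safari = preg_match('/Version\/.* Safari\//', $ua);
    return !($mac1014 && $safari);
}

// Options array for PHP 7.3+ setcookie(). $crossSite marks a cookie that
// must be sent on the cross-site return from the payment gateway.
function cookie_options(int $expires, bool $crossSite, string $ua): array
{
    $options = ['expires' => $expires, 'path' => '/', 'secure' => true];
    if (!$crossSite) {
        $options['samesite'] = 'Lax';  // same-site cookies keep CSRF protection
    } elseif (samesite_none_is_safe($ua)) {
        $options['samesite'] = 'None'; // only valid together with Secure
    }
    // Otherwise the attribute is omitted; the affected clients then send
    // the cookie cross-site as they did before SameSite existed.
    return $options;
}

// Constructed user-agent strings for the demonstration.
$samples = [
    'iOS 12 Safari' => 'Mozilla/5.0 (iPhone; CPU iPhone OS 12_4 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.1.2 Mobile/15E148 Safari/604.1',
    'Chrome 80' => 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36',
];
foreach ($samples as $label => $ua) {
    $opts = cookie_options(time() + 3600, true, $ua);
    echo $label, ': SameSite=', $opts['samesite'] ?? '(omitted)', PHP_EOL;
}
// Call site in a request handler (cookie name is a placeholder):
// setcookie('example_cookie', $value, cookie_options(0, true, $_SERVER['HTTP_USER_AGENT'] ?? ''));
```

Because Secure is always set, the store has to be served over HTTPS for these cookies to be stored at all.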