[Date Prev][Date Next][Thread Prev][Thread Next][Minivend by date
][Minivend by thread
]
Re: [mv] session being dropped in cookie less checkout
****** message to minivend-users from Randy Moore <ramoore@axion-it.net> ******
At 5/28/00 03:22 PM , you wrote:
>****** message to minivend-users from Mark Stosberg
><mark@summersault.com> ******
>
>Gideon van Gelder wrote:
> >
> > Did you try the WideOpen directive in catalog.cfg?
> > If you never heard of this, go check out the faq at
> > minivend.com about dropping the basket when going to
> > secure checkout. There have also been major threads
> > about this subject in the past, that may be able
> > to help.
> >
> > BTW, change minivend.cfg to read:
> >
> > Domaintail no
> > IpHead yes
> > IpQuad 0
> >
> > and set this in catalog.cfg:
> >
> > WideOpen yes
> > SessionExpire 15 minutes
> >
>
>Gideon,
>
> Thanks for the suggestion. I implemented just as you suggest (with MV
>4.04) and still lose the cookie in the same place.
Hi Mark,
I've found that by:
1) using the 'CookieDomain' directive in 'catalog.cfg'
AND
2) making sure that EVERY <form> on all my MV pages contains:
<INPUT TYPE=hidden NAME="mv_session_id" VALUE="[data session id]">
I can avoid losing the session (shopping cart) with or without
Cookies. And, this way there is no need to use the security reducing
directives like: WideOpen, IpHead, and DomainTail
Obviously the key for the non-cookie scenario is #2.
FYI, here is how I'm using the 'CookieDomain' directive:
CookieDomain .medoptionslegal.com .medifocuslegal.com
^^ non-ssl domain^^ ^^ ssl domain ^^
If anyone knows of situations where these two methods together don't solve
the problem, please let me know. I think this is a general solution, but I
could easily be wrong.
Randy Moore
Axion Information Technologies, Inc.
email ramoore@axion-it.net
phone 301-408-1200
fax 301-445-3947
-
To unsubscribe from the list, DO NOT REPLY to this message. Instead, send
email with 'UNSUBSCRIBE minivend-users' in the body to Majordomo@minivend.com.
Archive of past messages: http://www.minivend.com/minivend/minivend-list