[Date Prev][Date Next][Thread Prev][Thread Next][Minivend by date ][Minivend by thread ]

Re: [mv] session being dropped in cookie less checkout

To: minivend-users@minivend.com
Subject: Re: [mv] session being dropped in cookie less checkout
From: Randy Moore <ramoore@axion-it.net>
Date: Sun, 28 May 2000 16:59:34 -0400
In-Reply-To: <393171A5.2ADBE57@summersault.com>
References: <392C4BF4.A9B91629@summersault.com><20000526154449.A2522@pegasus.freibergnet.de><392F47CA.97E2C1B1@summersault.com><003901bfc7be$99772820$78cf86c2@gideon>
Reply-To: minivend-users@minivend.com
Sender: owner-minivend-users@minivend.com

******    message to minivend-users from Randy Moore <ramoore@axion-it.net>     ******

At 5/28/00 03:22 PM , you wrote:
>******    message to minivend-users from Mark Stosberg 
><mark@summersault.com>     ******
>
>Gideon van Gelder wrote:
> >
> > Did you try the WideOpen directive in catalog.cfg?
> > If you never heard of this, go check out the faq at
> > minivend.com about dropping the basket when going to
> > secure checkout. There have also been major threads
> > about this subject in the past, that may be able
> > to help.
> >
> > BTW, change minivend.cfg to read:
> >
> > Domaintail no
> > IpHead yes
> > IpQuad 0
> >
> > and set this in catalog.cfg:
> >
> > WideOpen yes
> > SessionExpire 15 minutes
> >
>
>Gideon,
>
>   Thanks for the suggestion. I implemented just as you suggest (with MV
>4.04) and still  lose the cookie in the same place.

Hi Mark,

I've found that by:
1) using the 'CookieDomain' directive in 'catalog.cfg'
AND
2) making sure that EVERY <form> on all my MV pages contains:
<INPUT TYPE=hidden NAME="mv_session_id" VALUE="[data session id]">

I can avoid losing the session (shopping cart) with or without 
Cookies.  And, this way there is no need to use the security reducing 
directives like: WideOpen, IpHead, and DomainTail

Obviously the key for the non-cookie scenario is #2.

FYI, here is how I'm using the 'CookieDomain' directive:
CookieDomain    .medoptionslegal.com .medifocuslegal.com
                           ^^ non-ssl domain^^     ^^ ssl domain ^^

If anyone knows of situations where these two methods together don't solve 
the problem, please let me know.  I think this is a general solution, but I 
could easily be wrong.

Randy Moore
Axion Information Technologies, Inc.

email     ramoore@axion-it.net
phone   301-408-1200
fax        301-445-3947
-
To unsubscribe from the list, DO NOT REPLY to this message.  Instead, send
email with 'UNSUBSCRIBE minivend-users' in the body to Majordomo@minivend.com.
Archive of past messages: http://www.minivend.com/minivend/minivend-list

Follow-Ups:
- Re: [mv] session being dropped in cookie less checkout
  - From: Mark Stosberg <mark@summersault.com>

References:
- [mv] session being dropped in cookie less checkout
  - From: Mark Stosberg <mark@summersault.com>
- Re: [mv] session being dropped in cookie less checkout
  - From: Holm Tiffe <holm@freibergnet.de>
- Re: [mv] session being dropped in cookie less checkout
  - From: Mark Stosberg <mark@summersault.com>
- Re: [mv] session being dropped in cookie less checkout
  - From: "Gideon van Gelder" <gideon@swingmaster.nl>
- Re: [mv] session being dropped in cookie less checkout
  - From: Mark Stosberg <mark@summersault.com>

Prev by Date: [mv] minimate localization problem
Next by Date: Re: [mv] minimate localization problem
Prev by thread: Re: [mv] session being dropped in cookie less checkout
Next by thread: Re: [mv] session being dropped in cookie less checkout
Index(es):
- Date
- Thread