[Date Prev][Date Next][Thread Prev][Thread Next][Minivend by date ][Minivend by thread ]

SSL problem: "No items in your basket" on many minivend sites

To: minivend-users@minivend.com
Subject: SSL problem: "No items in your basket" on many minivend sites
From: Joe Mazz <joemazz@earthlink.net>
Date: Fri, 14 May 1999 20:08:51 -0700
CC: russ@khouse.org
Reply-To: minivend-users@minivend.com
Sender: owner-minivend-users@minivend.com

Dear Minivend gurus:

My minivend catalog project was operating just fine through the checkout
phase,
until I ventured into using SSL. I have been experiencing a problem that
Russ@khouse.org
described in a posting back in November 1998. Without  SSL the checkout
process works fine, but SSL is required to do business in the real
world.
With SSL, when the final page comes up (served by ord/checkout.html),
minivend thinks there are no items in the shopping cart, so you can't
check out.

I found no messages in the minivend mail archive following up on Russ's
posting to
offer a solution to this problem. Other postings mention numerous
related problems
regarding configuring or using Minivend with SSL, but follow-up postings
again don't
offer clear solutions, only possible "hints."

Today I surveyed six catalogs on the Web that are using Minivend, and
with
Netscape Communicator 4.07 I was not able to keep anything in the
"backet" to
complete an order on any of them! Assuming these sites have been taking
orders from
some people, I can only conclude it is a brower issue.  Assuming I am
not alone in this
problem, it is possible that many potential customers are turned away
from minivend sites
because after ordering items, users simply cannot check out.

I suspect it has something to do with cookies issued from the non-SSL
pages being
mismatched with those issued from the SSL server for the checkout page.
Is a possible solution to set options in minivend.cfg or  catalog.cfg to
not use cookies?

Does anyone have a FAQ document  to help developers with this and other
problems
with minivend's interaction with SSL?

Any solutions will be highly appeciated (by many of us, I'm sure).

Thanks in advance.

Regards,

Joe

http://www.minivend.com:80/minivend/minivend-list/1998-old/2026.html

Title: MiniVend Mail List: Cart contents missing in Secure

Cart contents missing in Secure

Russ (russ@khouse.org)
Tue, 10 Nov 1998 16:22:35 -0800

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: govind shridhare: "adding values in [perl] tag"
Previous message: Larry Leszczynski: "Re: reconfig script password ???"

****** message to minivend-users from "Russ" <russ@khouse.org> ******

This is a multi-part message in MIME format.

------=_NextPart_000_0010_01BE0CC6.54BD69B0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit

I am having a problem with the contents of a shopping cart disappearing when
going to a secure URL, but only in 4.0 browsers.

I am running IRIX 6.2 on an SGI challenge. I have Apache 1.3.1 installed,
and Netscape Enterprise 3. The secure certificate is installed on Netscape,
and the rest of the domain is on Apache. The minivend version is 3.11,
running one catalog in Unix mode. I have a basket.html which is non-secure,
and a checkout.html which is secure, by the AlwaysSecure directive:
ord/checkout.

What I've tried:

Using 3.0 browsers (NS and IE 3) pages served non-securely will show the
contents of a basket, based on the [if items] tag. Other components of the
page display based on this tag also. (The button for shopping cart and
checkout are not available unless you have items!) The page served securely
also shows the contents of the basket. Everything seems to work just fine.

Using 4.0 browsers however, the pages served non-securely show the contents,
while the pages served securely do not. If I take the AlwaysSecure
directive off all the pages, it works perfectly, but without SSL (of
course). I want it to only serve the checkout.html securely. When i set
the basket.html to secure also, it won't display any items. (as if the [if
items] is returning false). It doesn't empty my cart, as i can follow a
non-secure link and the contents come right back.

I've tried setting things up using the IP address, in case its the naming
that is messed up, but that didn't do it. The error logs have no errors for
these transactions. I'm pretty well stumped!

--------------------------------------------Russ
A faithful man will be richly blessed, but one eager to get rich will not go
unpunished.

Proverbs 28:20

------=_NextPart_000_0010_01BE0CC6.54BD69B0
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

<!DOCTYPE HTML PUBLIC "-//W3C//DTD W3 HTML//EN">

I am=20 having a problem with the contents of a shopping cart disappearing when = going to=20 a secure URL, but only in 4.0 browsers.

I am=20 running IRIX 6.2 on an SGI challenge. I have Apache 1.3.1 = installed, and=20 Netscape Enterprise 3. The secure certificate is installed on = Netscape,=20 and the rest of the domain is on Apache. The minivend version is = 3.11,=20 running one catalog in Unix mode. I have a basket.html which is=20 non-secure, and a checkout.html which is secure, by the AlwaysSecure = directive:=20 ord/checkout.

What=20 I've tried:

Using=20 3.0 browsers (NS and IE 3) pages served non-securely will show the = contents of a=20 basket, based on the [if items] tag. Other components of the page = display=20 based on this tag also. (The button for shopping cart and checkout are = not=20 available unless you have items!) The page served securely also = shows the=20 contents of the basket. Everything seems to work just=20 fine.

Using=20 4.0 browsers however, the pages served non-securely show the contents, = while the=20 pages served securely do not. If I take the AlwaysSecure directive = off all=20 the pages, it works perfectly, but without SSL (of course). I want = it to=20 only serve the checkout.html securely. When i set the basket.html = to=20 secure also, it won't display any items. (as if the [if items] is=20 returning false). It doesn't empty my cart, as i can follow a = non-secure=20 link and the contents come right back.

I've=20 tried setting things up using the IP address, in case its the naming = that is=20 messed up, but that didn't do it. The error logs have no errors = for these=20 transactions. I'm pretty well stumped!

--------------------------------------------Russ

A faithful man will be richly blessed, but one eager to get rich will = not go=20 unpunished.

Proverbs=20 28:20

------=_NextPart_000_0010_01BE0CC6.54BD69B0-- - To unsubscribe from the list, DO NOT REPLY to this message. Instead, send email with 'UNSUBSCRIBE minivend-users' in the body to Majordomo@minivend.com. Archive of past messages: http://www.minivend.com/minivend/minivend-list

Next message: govind shridhare: "adding values in [perl] tag"
Previous message: Larry Leszczynski: "Re: reconfig script password ???"

Follow-Ups:
- Re: SSL problem: "No items in your basket" on many minivend sites
  - From: William Tan <william@absolutely.com.sg>
- Re: SSL problem: "No items in your basket" on many minivend sites
  - From: Marius Schaefer <maillist@b-p-a.com>

Prev by Date: RE: MV:3.12 - Static Page Building
Next by Date: Re: Checkstat.sh - does not remove 'mv_failed' > SOLUTION
Prev by thread: RE: Defining "From:" in email-confirmation
Next by thread: Re: SSL problem: "No items in your basket" on many minivend sites
Index(es):
- Date
- Thread