Jump to content
dev osCommerce
Forum
  • Checkout
  • Login
  • Contact Us
  • Get in touch

osCommerce

The e-commerce.

New Demo
Our Partners

Cookie usage

mom2cwj2

By mom2cwj2
in General Support

Recommended Posts

mom2cwj2

mom2cwj2

Posted
Posted

I have been monitoring 'whos online' all day and am getting lots of traffic, but have noticed several being redirected to the cookie_usage.php page. They then just leave! One customer opened an account, put several items in her cart, and then did not complete the transaction.

 

I am on a server with shared ssl, and have my session settings as follows:

 

Session Directory /tmp

Force Cookie Use False

Check SSL Session ID True (*tried both ways - this is the current setting)

Check User Agent False

Check IP Address False

Prevent Spider Sessions True

Recreate Session False

 

PWA is active. SEO's are disabled.

 

When testing the site myself, I never receive the cookie_usage page, and have not had any problems at all.

Can someone please help!! I have read through TONS of info and have tried everything to no avail!! Here is my "current" configure.php:

 

   define('HTTP_SERVER', 'http://www.thescraptote.com');   
  define('HTTPS_SERVER', 'https://www.thescraptote.com'); 
 define('ENABLE_SSL', true); 
 define('HTTP_COOKIE_DOMAIN', '.thescraptote.com');
 define('HTTPS_COOKIE_DOMAIN', '.thescraptote.com');
 define('HTTP_COOKIE_PATH', '/catalog/');
 define('HTTPS_COOKIE_PATH', '/catalog/');
 define('DIR_WS_HTTP_CATALOG', '/catalog/');
 define('DIR_WS_HTTPS_CATALOG', '/catalog/');
 define('DIR_WS_IMAGES', 'images/');
 define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');
 define('DIR_WS_INCLUDES', 'includes/');
 define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');
 define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');
 define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');
 define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');
 define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

 

Any and all help would be greatly appreciated!! BTW ... my catalog is not in the root directory. The site is here: http://thescraptote.com/catalog/

 

Thanks!!

boxtel

boxtel

Posted
Posted
I have been monitoring 'whos online' all day and am getting lots of traffic, but have noticed several being redirected to the cookie_usage.php page. They then just leave! One customer opened an account, put several items in her cart, and then did not complete the transaction.

 

I am on a server with shared ssl, and have my session settings as follows:

 

Session Directory /tmp

Force Cookie Use False

Check SSL Session ID True (*tried both ways - this is the current setting)

Check User Agent False

Check IP Address False

Prevent Spider Sessions True

Recreate Session False

 

PWA is active. SEO's are disabled.

 

When testing the site myself, I never receive the cookie_usage page, and have not had any problems at all.

Can someone please help!! I have read through TONS of info and have tried everything to no avail!! Here is my "current" configure.php:

 

   define('HTTP_SERVER', 'http://www.thescraptote.com');   
  define('HTTPS_SERVER', 'https://www.thescraptote.com'); 
 define('ENABLE_SSL', true); 
 define('HTTP_COOKIE_DOMAIN', '.thescraptote.com');
 define('HTTPS_COOKIE_DOMAIN', '.thescraptote.com');
 define('HTTP_COOKIE_PATH', '/catalog/');
 define('HTTPS_COOKIE_PATH', '/catalog/');
 define('DIR_WS_HTTP_CATALOG', '/catalog/');
 define('DIR_WS_HTTPS_CATALOG', '/catalog/');
 define('DIR_WS_IMAGES', 'images/');
 define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');
 define('DIR_WS_INCLUDES', 'includes/');
 define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');
 define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');
 define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');
 define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');
 define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

 

Any and all help would be greatly appreciated!! BTW ... my catalog is not in the root directory. The site is here: http://thescraptote.com/catalog/

 

Thanks!!

 

works fine, only spiders get the cookie usage page on your site which you added to your robots.txt file.

 

you cookie settings are not right and so is your ssl certificate.

 

but that does not result in cookie usage for customers, cookies set or not.

Treasurer MFC

mom2cwj2

mom2cwj2

Posted
  • Author
Posted
works fine, only spiders get the cookie usage page on your site which you added to your robots.txt file.

 

you cookie settings are not right and so is your ssl certificate.

 

but that does not result in cookie usage for customers, cookies set or not.

 

 

You said the cookie settings are not right? How should they be? I've gone through forum after forum trying to figure out which way was the best for a shared ssl.

 

So the cookie_usage pages are only seen by the spiders? That's good then? :unsure:

 

Thanks for looking at it!! It was very frustrating!!

boxtel

boxtel

Posted
Posted
You said the cookie settings are not right? How should they be? I've gone through forum after forum trying to figure out which way was the best for a shared ssl.

 

So the cookie_usage pages are only seen by the spiders? That's good then? :unsure:

 

Thanks for looking at it!! It was very frustrating!!

 

correction, your cookie settings are ok for medium security, anything higher than that and they are refused.

 

you can try to add this in application_top.php:

 

// cookie provacy policy to prevent IE privacy cookie problems at high security

header('P3P: CP="NOI ADM DEV PSAi COM NAV STP IND"');

 

this will inform IE that you have a privacy policy and it will allow your cookies to be accepted at the highest security setting, short of flat out refusing all cookies ofcourse.

 

 

The cookie usage page is shown if certain actions are performed which require a session and no session was started (I have a different opinion with regard to when a session is required than the osc team but that is a different topic). This happens for instance when you force cookies and the cookie is not set for whatever reason because with force cookies no session is started until a cookie is set for the session id.

 

But for spiders also no session is started (which is a must) and when they try to do an action they will be redirected to the same cookie usage page.

However, if you have that page disallowed in your robots.txt file, it is not indexed and all ends there for the spiders.

Treasurer MFC

mom2cwj2

mom2cwj2

Posted
  • Author
Posted
correction, your cookie settings are ok for medium security, anything higher than that and they are refused.

 

you can try to add this in application_top.php:

 

// cookie provacy policy to prevent IE privacy cookie problems at high security

header('P3P: CP="NOI ADM DEV PSAi COM NAV STP IND"');

 

this will inform IE that you have a privacy policy and it will allow your cookies to be accepted at the highest security setting, short of flat out refusing all cookies ofcourse.

The cookie usage page is shown if certain actions are performed which require a session and no session was started (I have a different opinion with regard to when a session is required than the osc team but that is a different topic). This happens for instance when you force cookies and the cookie is not set for whatever reason because with force cookies no session is started until a cookie is set for the session id.

 

But for spiders also no session is started (which is a must) and when they try to do an action they will be redirected to the same cookie usage page.

However, if you have that page disallowed in your robots.txt file, it is not indexed and all ends there for the spiders.

 

THANK YOU so much, Amanda!! You're awesome! :thumbsup:

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...