Page 1 of 2
How to make OpenCart 2.3 solve the SameSite problem of Chrome 91?
Posted: Tue Jul 06, 2021 10:30 am
by HAO
Yesterday I saw this
article on the site of Taiwan, Basically saying that the option "SameSite by default cookies" has been removed by Chrome 91.
If this is a confirmed news, How can we make OpenCart 2.3 support Chrome 91 and solve the SameSite problem? I mean the third-party payment gateway module still has the same problem, I need someone to tell us how to solve it?
Does anyone know the latest solutions in OpenCart 2.3 and OpenCart 3.0?
Please help me, Thank you!
Re: How to make OpenCart 2.3 solve the SameSite problem of Chrome 91?
Posted: Tue Jul 06, 2021 4:54 pm
by ADD Creative
The article is about the hidden chrome://flags SameSite settings being removed. Only a tiny percentage of customers will of ever changed theses setting, so I don't see how anything has really changed. See:
https://www.chromium.org/updates/same-site
Re: How to make OpenCart 2.3 solve the SameSite problem of Chrome 91?
Posted: Tue Jul 06, 2021 5:05 pm
by HAO
So this means that the changes we made last year do not require any changes, do you mean that?
Re: How to make OpenCart 2.3 solve the SameSite problem of Chrome 91?
Posted: Tue Jul 06, 2021 7:19 pm
by ADD Creative
HAO wrote: ↑Tue Jul 06, 2021 5:05 pm
So this means that the changes we made last year do not require any changes, do you mean that?
No changes needed. If it worked in Chrome 90 (without changes to any hidden settings) it will work in Chrome 91.
Re: How to make OpenCart 2.3 solve the SameSite problem of Chrome 91?
Posted: Mon Aug 30, 2021 11:31 am
by HAO
I must say that our previous modification method is no longer valid, Because every day, many customers report to us that they cannot normally use the payment gateway module to complete the payment, Can you find out the latest solution for us now?
Thank you!
Re: How to make OpenCart 2.3 solve the SameSite problem of Chrome 91?
Posted: Mon Aug 30, 2021 5:32 pm
by ADD Creative
Check the cookie flags in your web browser's developer tool. Is same SiteSite set to "None" and Secure set?
Re: How to make OpenCart 2.3 solve the SameSite problem of Chrome 91?
Posted: Sun Sep 24, 2023 5:04 am
by HAO
ADD Creative wrote: ↑Mon Aug 30, 2021 5:32 pm
Check the cookie flags in your web browser's developer tool. Is same SiteSite set to "None" and Secure set?
After this, my original payment module worked fine, But a few days ago we installed a new payment module and there was a problem.
That module seems to use technology from SameSite - Lax, So my original payment module works fine, but when I use the new module it doesn't work properly.
So my original payment module works fine, but when I use the new module it doesn't work properly.
I have verified the source code of OpenCart 4.0.2.3, I found that Daniel ended up using SameSite - Lax as a solution:
Code: Select all
// Set a new currency cookie if the code does not match the current one
if (!isset($this->request->cookie['currency']) || $this->request->cookie['currency'] != $code) {
$option = [
'expires' => time() + 60 * 60 * 24 * 30,
'path' => '/',
'SameSite' => 'Lax'
];
setcookie('currency', $code, $option);
}
How can I teach you how to change my SameSite=None modification method to SameSite - Lax?
Re: How to make OpenCart 2.3 solve the SameSite problem of Chrome 91?
Posted: Sun Sep 24, 2023 4:35 pm
by SohBH
Add to .htaccess
Code: Select all
Header always edit Set-Cookie (.*) "$1; SameSite=Lax"
Re: How to make OpenCart 2.3 solve the SameSite problem of Chrome 91?
Posted: Sun Sep 24, 2023 6:43 pm
by HAO
But the problem is that I have modified the code according to
this:
How do I deal with the code I have modified, Let my original payment module work normally?
Re: How to make OpenCart 2.3 solve the SameSite problem of Chrome 91?
Posted: Mon Sep 25, 2023 12:58 am
by ADD Creative
If a payment method works with with Lax it will also work with None, so there would be no need to change.
Re: How to make OpenCart 2.3 solve the SameSite problem of Chrome 91?
Posted: Mon Sep 25, 2023 3:49 pm
by HAO
This is the payment module I originally used, I have confirmed that I am in the original OpenCart environment and if I have not modified the SiteSite-None solution, I am not functioning properly.
https://github.com/ECPay/OpenCart2.3.0.2
https://github.com/ECPay/OpenCart3.X
When I use the solution you modified for me, The problem of not being able to be used properly has been solved, But when I install a new module in the same environment, it cannot be used normally.
https://github.com/payuni/OpenCart3.X
I now want to confirm how to solve the compatibility problem between the two?
ECPay SiteSite = None
payuni SiteSite = Lax
OpenCart 4.0.2.3 has officially used SiteSite = Lax
Does this mean that my problem can be solved as long as ECPay can operate normally in the environment of SiteSite = Lax?
If so, how should I change this code?
viewtopic.php?f=202&t=219633#p797082
Can you help me?
Re: How to make OpenCart 2.3 solve the SameSite problem of Chrome 91?
Posted: Mon Sep 25, 2023 4:30 pm
by SohBH
Are you using the right extension for Opencart 2?
https://github.com/payuni/OpenCart3.X
This is for Opencart 3.
Re: How to make OpenCart 2.3 solve the SameSite problem of Chrome 91?
Posted: Mon Sep 25, 2023 6:29 pm
by ADD Creative
HAO wrote: ↑Mon Sep 25, 2023 3:49 pm
This is the payment module I originally used, I have confirmed that I am in the original OpenCart environment and if I have not modified the SiteSite-None solution, I am not functioning properly.
https://github.com/ECPay/OpenCart2.3.0.2
https://github.com/ECPay/OpenCart3.X
When I use the solution you modified for me, The problem of not being able to be used properly has been solved, But when I install a new module in the same environment, it cannot be used normally.
https://github.com/payuni/OpenCart3.X
I now want to confirm how to solve the compatibility problem between the two?
ECPay SiteSite = None
payuni SiteSite = Lax
OpenCart 4.0.2.3 has officially used SiteSite = Lax
Does this mean that my problem can be solved as long as ECPay can operate normally in the environment of SiteSite = Lax?
If so, how should I change this code?
viewtopic.php?f=202&t=219633#p797082
Can you help me?
If you are using SameSite=None, then payment extensions that require either None or Lax will work. If you are using SameSite=Lax, then only payment extensions that require Lax will work.
Re: How to make OpenCart 2.3 solve the SameSite problem of Chrome 91?
Posted: Mon Sep 25, 2023 10:01 pm
by HAO
What I mean is, can ECPay be changed to SiteSite = Lax?
By modify the code of this
post, Would it be possible to solve my problem if I changed None to Lax in this code?
Original
Change to
This is what I want to confirm, Because I heard that future iPhones and browsers will directly cancel SameSite None.
If so, I want to update the practice like this, Can you help me?
Thank you!
Re: How to make OpenCart 2.3 solve the SameSite problem of Chrome 91?
Posted: Tue Sep 26, 2023 2:22 am
by ADD Creative
HAO wrote: ↑Mon Sep 25, 2023 10:01 pm
What I mean is, can ECPay be changed to SiteSite = Lax?
By modify the code of this
post, Would it be possible to solve my problem if I changed None to Lax in this code?
Original
Change to
This is what I want to confirm, Because I heard that future iPhones and browsers will directly cancel SameSite None.
If so, I want to update the practice like this, Can you help me?
Thank you!
Yes, if you want to change SameSite to Lax then in the changes replace None with Lax.
Re: How to make OpenCart 2.3 solve the SameSite problem of Chrome 91?
Posted: Tue Sep 26, 2023 8:12 am
by HAO
Because I can only use Google Translate to understand what you mean, What you mean is that no matter which version of OpenCart I use, I only need to modify the keywords and other code does not need to be modified, right?
Original
Change to
I only need to make this modification and no other changes are needed, right?
Re: How to make OpenCart 2.3 solve the SameSite problem of Chrome 91?
Posted: Tue Sep 26, 2023 4:00 pm
by ADD Creative
HAO wrote: ↑Tue Sep 26, 2023 8:12 am
Because I can only use Google Translate to understand what you mean, What you mean is that no matter which version of OpenCart I use, I only need to modify the keywords and other code does not need to be modified, right?
Original
Change to
I only need to make this modification and no other changes are needed, right?
Yes.
Re: How to make OpenCart 2.3 solve the SameSite problem of Chrome 91?
Posted: Tue Jun 04, 2024 6:36 pm
by HAO
Hello!
Recently we had the same problem again, but this time the customer successfully completed the payment.
But the order status cannot be updated normally, After searching for keywords on Google, I found that it may be related to SameSite being abandoned in 2024.
This is my code:
Open:
catalog/controller/startup/startup.php
Find:
Code: Select all
setcookie('language', $code, time() + 60 * 60 * 24 * 30, '/', $this->request->server['HTTP_HOST']);
Replace:
Code: Select all
setcookie('language', $code, ['expires' => time() + 60 * 60 * 24 * 30, 'path' => '/', 'domain' => $this->request->server['HTTP_HOST'], 'SameSite' => 'None', 'Secure' => true]);
Open:
system/library/session.php
Find:
Code: Select all
ini_set('session.cookie_httponly', 'On');
Add after:
Code: Select all
ini_set('session.cookie_secure', 'On');
ini_set('session.cookie_samesite', 'None');
Find:
Code: Select all
setcookie($key, $this->session_id, ini_get('session.cookie_lifetime'), ini_get('session.cookie_path'), ini_get('session.cookie_domain'), ini_get('session.cookie_secure'), ini_get('session.cookie_httponly'));
Replace:
Code: Select all
setcookie($key, $this->session_id, ['expires' => ini_get('session.cookie_lifetime'), 'path' => ini_get('session.cookie_path'), 'domain' => ini_get('session.cookie_domain'), 'SameSite' => 'None', 'Secure' => true, 'httponly' => ini_get('session.cookie_httponly')]);
Find:
Code: Select all
setcookie($key, '', time() - 42000, ini_get('session.cookie_path'), ini_get('session.cookie_domain'));
Replace:
Code: Select all
setcookie($key, '', ['expires' => time() - 42000, 'path' => ini_get('session.cookie_path'), 'domain' => ini_get('session.cookie_domain'), 'SameSite' => 'None', 'Secure' => true]);
Dear sir, can you use Google Translate to understand new solutions?
https://www.darrelltw.com/2024-3rd-part ... le-chrome/
Thank you very much!
Re: How to make OpenCart 2.3 solve the SameSite problem of Chrome 91?
Posted: Tue Jun 04, 2024 10:49 pm
by ADD Creative
The article relates to third party cookies being phased out. This has nothing to do with the SameSite setting.
Re: How to make OpenCart 2.3 solve the SameSite problem of Chrome 91?
Posted: Wed Jun 05, 2024 2:22 am
by HAO
Because of my payment gateway module, payment must be completed on their payment page.
So what we encounter is, They have received the payment action from the customer and added money to our payment gateway account.
However, completing the payment action did not successfully change the next order status, Do you think this is related to the setting of "None"?
Because I saw Microsoft’s instructions seem to be related to this:
Handle SameSite cookie changes in Chrome browser