-
Notifications
You must be signed in to change notification settings - Fork 9.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Formkey in window.checkoutConfig gets stale when logging in during checkout process #16020
Comments
I am not entirely sure what is the best course of action for fixing this problem.
|
I have made the following patch for the PageCache module, it is currently undergoing internal testing here at Vaimo.
|
Update: Our internal QA did not find any problems after the patch was applied |
Hello @k4emic, thank you for your report. |
FYI, we have also replicated the same issue on 2.1.15 |
Hi @NithyaBabuKesavan. Thank you for working on this issue.
|
✅ Jira issue https://jira.corp.magento.com/browse/AC-1030 is successfully created for this GitHub issue. |
✅ Confirmed by @engcom-Alfa. Thank you for verifying the issue. |
❌ Cannot export the issue. This GitHub issue is already linked to Jira issue(s): https://jira.corp.magento.com/browse/AC-1030 |
Preconditions
Steps to reproduce
4.1.
jQuery('[name=form_key]').val()
4.2.
jQuery.cookie('form_key')
4.3.
window.checkoutConfig.formKey
Expected result
window.checkoutConfig.formKey
should match current formkeyActual result
window.checkoutConfig
contains the stale formkey, making any validation of the key fail (Magento_Checkout/js/payment.js
uses this formkey for the payment form).In effect, this means that any payment methods that does validation of the formkey in the payment form will fail, after a user has logged in during checkout.
Why this happens
/checkout
will include the new formkey in the markup (in several places)mage.formKey
(page-cache.js) widget will see that no form_key cookie is set, and will generate a new form_key, setting the cookie while updating any "plain" input fields with the name "form_key". window.checkoutConfig is not affected.The text was updated successfully, but these errors were encountered: