I get an invalid form key when making a payment using iDeal/Mastercard. #17

Closed
leonhelmus opened this issue Mar 5, 2020 · 14 comments

@leonhelmus

Whenever I try to make a payment using iDeal/Mastercard on a live account, I get an invalid form key error when being redirected to the success page. Does anyone else experience this problem? I can't seem to reproduce it with test credentials.

@arnoudhgz

Also reproducible when cancelling the order. You should be redirected to the cart page, but instead you'll be redirected to the home page with the "Invalid Form Key. Please refresh the page." message.

@Buckaroo-Rens
Collaborator

Can you please provide us with some additional information?

  • Magento version
  • PHP version
  • Buckaroo version

@leonhelmus
Author

Magento version: 2.3.4
PHP: 7.2
Buckaroo: 1.18

@Buckaroo-Rens
Collaborator

Thank you for sharing your information. Did you recently update from an older Buckaroo version (1.14.1 or lower to 1.18)? If so, please fill in your merchantkey, secretkey and certificate again. If not, I want to ask you to contact our technical support team through support@buckaroo.nl.

We have a lot of merchants running on 2.3.4 in combination with Buckaroo version 1.18 without problems. Our support team can help you with researching this issue. For now I don't see any issues in our plugin.

@Buckaroo-Rens
Collaborator

@leonhelmus / @arnoudhgz can you confirm that updating the credentials fixed the issue?

@arnoudhgz

@Buckaroo-Rens no, we were already on the new 'merchantkey', 'secretkey' and 'certificate'.

@arnoudhgz

@Buckaroo-Rens it seems to have something to do with sessions, somehow the PHP session id has been changed when coming back from Buckaroo after a payment. That's why the formkey does not work when coming back to the shop.

@Buckaroo-Rens
Collaborator

@arnoudhgz Then please contact our support team: support@buckaroo.nl

@arnoudhgz

@Buckaroo-Rens I've sent an email to support.

But.... I continued to look into it, it seems to have something to do with CSRF checks. At the moment we are testing it with the same 'hack'/'solution' as your competitor does: https://github.com/Adyen/adyen-magento2/blob/develop/Controller/Process/Redirect.php#L130

@Buckaroo-Rens
Collaborator

@arnoudhgz Could you let us know when you're done testing and share the results with us?

@Buckaroo-Rens
Collaborator

@arnoudhgz Do you already have some results?

@arnoudhgz

Yes, it seems that the patch I created greatly reduces this issue. Your controller should get the same thing as the one from Adyen.

Better would be to actually implement the CsrfAwareActionInterface in your controller I think.
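The `CsrfAwareActionInterface` approach suggested in the comment above, as an added sketch that is not code from Buckaroo, Adyen or this thread. It assumes a Magento 2.3+ module; the namespace, the `signature` field, the config path and the HMAC scheme are placeholders for whatever the payment gateway actually documents.

```php
<?php
declare(strict_types=1);

namespace Example\Gateway\Controller\Payment; // hypothetical module namespace

use Magento\Framework\App\Action\Action;
use Magento\Framework\App\Action\Context;
use Magento\Framework\App\Config\ScopeConfigInterface;
use Magento\Framework\App\CsrfAwareActionInterface;
use Magento\Framework\App\Request\InvalidRequestException;
use Magento\Framework\App\RequestInterface;

class ReturnAction extends Action implements CsrfAwareActionInterface
{
    private $scopeConfig;

    public function __construct(Context $context, ScopeConfigInterface $scopeConfig)
    {
        parent::__construct($context);
        $this->scopeConfig = $scopeConfig;
    }

    // The gateway cannot send the shopper's form key, so the request is
    // authenticated by its signature. Returning true skips the form key check
    // for this action only; returning null would fall back to that check.
    public function validateForCsrf(RequestInterface $request): ?bool
    {
        $params = $request->getParams();
        $given = (string)($params['signature'] ?? ''); // placeholder field name
        unset($params['signature']);
        ksort($params);
        // Placeholder config path and HMAC scheme, not the gateway's real one.
        $secret = (string)$this->scopeConfig->getValue('payment/example_gateway/secret_key');
        $expected = hash_hmac('sha256', http_build_query($params), $secret);
        return $secret !== '' && hash_equals($expected, $given);
    }

    // Used when validateForCsrf() returns false: send the shopper to the cart.
    public function createCsrfValidationException(RequestInterface $request): ?InvalidRequestException
    {
        $redirect = $this->resultRedirectFactory->create()->setPath('checkout/cart');
        return new InvalidRequestException($redirect, [__('The payment response could not be verified.')]);
    }

    public function execute()
    {
        // The signature is verified; load the order from the signed parameters here.
        return $this->resultRedirectFactory->create()->setPath('checkout/onepage/success');
    }
}
```

Replacing the form key check with a signature check keeps the return URL authenticated, whereas returning `true` unconditionally leaves it open to any cross-site POST.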

@vlad-smorodskiy-hys
Contributor

@arnoudhgz, thanks for your comment! Changes were added to the master branch and will be available in the release version. Please inform us about the results after checking the changes.

@Buckaroo-Rens
Collaborator

Changes are included in latest release 1.24.0.

CyberSecutor added a commit to CyberSecutor/Magento2 that referenced this issue Dec 3, 2020
When setting a SameSite cookie behind an SSL offloading load balancer the secure flag does not get set automatically.
This raises an exception causing a 502 denial of service.

```
"0":"Cookie must be secure in order to use the SameSite None directive.","1":"#1 Buckaroo\Magento2\Model\Plugin\FixSession->beforeSetPublicCookie() called at [vendor/magento/framework/Interception/Interceptor.php:121]
#2 Magento\Framework\Stdlib\Cookie\PhpCookieManager\Interceptor->Magento\Framework\Interception\{closure}() called at [vendor/magento/framework/Interception/Interceptor.php:153]
#3 Magento\Framework\Stdlib\Cookie\PhpCookieManager\Interceptor->___callPlugins() called at [generated/code/Magento/Framework/Stdlib/Cookie/PhpCookieManager/Interceptor.php:23]
#4 Magento\Framework\Stdlib\Cookie\PhpCookieManager\Interceptor->setPublicCookie() called at [vendor/magento/framework/Session/SessionManager.php:247]
#5 Magento\Framework\Session\SessionManager->renewCookie() called at [vendor/magento/framework/Session/SessionManager.php:212]
#6 Magento\Framework\Session\SessionManager->start() called at [vendor/magento/framework/Interception/Interceptor.php:58]
#7 Magento\Framework\Session\Generic\Interceptor->___callParent() called at [vendor/magento/framework/Interception/Interceptor.php:138]
#8 Magento\Framework\Session\Generic\Interceptor->Magento\Framework\Interception\{closure}() called at [vendor/magento/framework/Interception/Interceptor.php:153]
#9 Magento\Framework\Session\Generic\Interceptor->___callPlugins() called at [generated/code/Magento/Framework/Session/Generic/Interceptor.php:23]
#10 Magento\Framework\Session\Generic\Interceptor->start() called at [vendor/magento/framework/Session/SessionManager.php:141]
#11 Magento\Framework\Session\SessionManager->__construct() called at [generated/code/Magento/Framework/Session/Generic/Interceptor.php:14]
#12 Magento\Framework\Session\Generic\Interceptor->__construct() called at [vendor/magento/framework/ObjectManager/Factory/AbstractFactory.php:121]
#13 Magento\Framework\ObjectManager\Factory\AbstractFactory->createObject() called at [vendor/magento/framework/ObjectManager/Factory/Compiled.php:108]
#14 Magento\Framework\ObjectManager\Factory\Compiled->create() called at [vendor/magento/framework/ObjectManager/Factory/Compiled.php:150]
#15 Magento\Framework\ObjectManager\Factory\Compiled->get() called at [vendor/magento/framework/ObjectManager/Factory/Compiled.php:79]
#16 Magento\Framework\ObjectManager\Factory\Compiled->create() called at [vendor/magento/framework/ObjectManager/Factory/Compiled.php:150]
#17 Magento\Framework\ObjectManager\Factory\Compiled->get() called at [vendor/magento/framework/ObjectManager/Factory/Compiled.php:79]
#18 Magento\Framework\ObjectManager\Factory\Compiled->create() called at [vendor/magento/framework/ObjectManager/Factory/Compiled.php:150]
#19 Magento\Framework\ObjectManager\Factory\Compiled->get() called at [vendor/magento/framework/ObjectManager/Factory/Compiled.php:79]
#20 Magento\Framework\ObjectManager\Factory\Compiled->create() called at [vendor/magento/framework/ObjectManager/Factory/Compiled.php:150]
#21 Magento\Framework\ObjectManager\Factory\Compiled->get() called at [vendor/magento/framework/ObjectManager/Factory/Compiled.php:125]
#22 Magento\Framework\ObjectManager\Factory\Compiled->parseArray() called at [vendor/magento/framework/ObjectManager/Factory/Compiled.php:86]
#23 Magento\Framework\ObjectManager\Factory\Compiled->create() called at [vendor/magento/framework/ObjectManager/ObjectManager.php:70]
#24 Magento\Framework\ObjectManager\ObjectManager->get() called at [vendor/magento/framework/App/FrontController.php:86]
#25 Magento\Framework\App\FrontController->__construct() called at [generated/code/Magento/Framework/App/FrontController/Interceptor.php:14]
#26 Magento\Framework\App\FrontController\Interceptor->__construct() called at [vendor/magento/framework/ObjectManager/Factory/AbstractFactory.php:121]
#27 Magento\Framework\ObjectManager\Factory\AbstractFactory->createObject() called at [vendor/magento/framework/ObjectManager/Factory/Compiled.php:108]
#28 Magento\Framework\ObjectManager\Factory\Compiled->create() called at [vendor/magento/framework/ObjectManager/ObjectManager.php:70]
#29 Magento\Framework\ObjectManager\ObjectManager->get() called at [vendor/magento/framework/App/Http.php:115]
#30 Magento\Framework\App\Http->launch() called at [vendor/magento/framework/App/Bootstrap.php:263]
#31 Magento\Framework\App\Bootstrap->run() called at [pub/index.php:40]
```
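The failure mode in the commit message above, as an added stand-alone PHP example that is not the plugin's code. It treats a request as secure when a trusted TLS-terminating proxy reports HTTPS, and falls back to `SameSite=Lax` instead of throwing when the connection is plain HTTP. The trusted proxy list, the `X-Forwarded-Proto` header and the sample requests are assumptions constructed for illustration.

```php
<?php
declare(strict_types=1);

// True when the shopper's connection is HTTPS, either directly or through a
// trusted TLS-terminating proxy. Proxy list and header name are assumptions.
function isClientConnectionSecure(array $server, array $trustedProxies): bool
{
    if (!empty($server['HTTPS']) && strtolower((string)$server['HTTPS']) !== 'off') {
        return true;
    }
    // Only believe the forwarded header when the direct peer is our own proxy.
    $viaTrustedProxy = in_array($server['REMOTE_ADDR'] ?? '', $trustedProxies, true);
    $forwardedProto = strtolower((string)($server['HTTP_X_FORWARDED_PROTO'] ?? ''));
    return $viaTrustedProxy && $forwardedProto === 'https';
}

// Builds the Set-Cookie header for a session cookie. SameSite=None is emitted
// only together with Secure; otherwise the cookie falls back to Lax.
function sessionCookieHeader(string $name, string $value, bool $secure): string
{
    $attributes = [$name . '=' . rawurlencode($value), 'Path=/', 'HttpOnly'];
    if ($secure) {
        array_push($attributes, 'Secure', 'SameSite=None');
    } else {
        $attributes[] = 'SameSite=Lax';
    }
    return 'Set-Cookie: ' . implode('; ', $attributes);
}

// Constructed sample requests (addresses from documentation ranges).
$trustedProxies = ['192.0.2.10'];
$samples = [
    'direct TLS' => ['HTTPS' => 'on', 'REMOTE_ADDR' => '198.51.100.7'],
    'TLS offloaded at load balancer' => [
        'REMOTE_ADDR' => '192.0.2.10',
        'HTTP_X_FORWARDED_PROTO' => 'https',
    ],
    'header from untrusted peer' => [
        'REMOTE_ADDR' => '198.51.100.7',
        'HTTP_X_FORWARDED_PROTO' => 'https',
    ],
];
foreach ($samples as $label => $server) {
    $secure = isClientConnectionSecure($server, $trustedProxies);
    echo $label, ': ', sessionCookieHeader('PHPSESSID', 'constructed-session-id', $secure), PHP_EOL;
}
```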