Important Notice from AspDotNetStorefront
It is with dismay that we report that we have been forced, through the action of hackers, to shut off write-access to this forum. We are keen to leave the wealth of material available to you for research. We have opened a new forum from which our community of users can seek help, support and advice from us and from each other. To post a new question to our community, please visit: http://forums.vortx.com
Results 1 to 3 of 3

Thread: Customer Cookies on/off?

  1. 07-04-2011, 07:44 AM #1
    singproinc is offline Member
    Join Date
    Oct 2006
    Posts
    51

    Angry Customer Cookies on/off?

    We have recently updated to Multistore 9.1.0.1. We are now getting new customers who are complaining that they cannot get products into the cart. We discovered that turning off cookies in a browser will not allow products into the cart.

    Is there an appconfig or other setting that allows new customers with cookies turned off to make a purchase?
  2. 07-12-2011, 05:39 AM #2
    ChrisAtAbilityBusiness is offline Junior Member
    Join Date
    Jun 2011
    Location
    NE Ohio
    Posts
    23

    Default

    Hi,

    The Storefront utilizes (modified) versions of the .Net membership/role/profile providers. The authentication ticket that is created (whether the user is officially logged in or not) is left in the form of a cookie. I am fairly certain that there are no configuration settings to easily change this. I believe most major eCommerce platforms out there require cookies to function properly.

    It may (read: maybe with a lot of extra effort) be possible to store the authentication ticket in a hidden field and pass it along from page to page. If this is possible it is certainly not best practice or very secure.

    Thanks,
    Christopher Hallam
    Business Application Development & Consulting
    Ability Business
    AspDotNetStorefront Preferred Development Partner/Reseller
  3. 07-12-2011, 06:46 AM #3
    singproinc is offline Member
    Join Date
    Oct 2006
    Posts
    51

    Default

    Chris-

    The support staff at ADNSF pretty much lay this problem at the feet of IE 8, and are hopeful that IE 9 will be a better place for the storefront & WWW standards. I've placed a big red post-it that we encourage users to turn off protected mode if they are using IE, make sure they have cookies turned on; and even better, use Chrome, Firefox or Safari. Here's the response that I received from ADNSF support:

    "IE in protected mode has a lot of problems with cookies. It's supposed to be able to accept cookies fine, though it puts them in a different place on the client machine than normal, but often times you'll find that it just quietly rejects the cookie. There's plenty of information online regarding that and other problems with how it works, versus how Microsoft says it works. Even simple AJAX elements often don't work if they involve any client-side work, as IE will prevent the client-side scripts from running without ever notifying the user.

    "Unfortunately, there's nothing we can do about that, and the software relies very heavily on being able to issue cookies to the customer - as do most sites nowadays. The only thing we can say really is "don't use protected mode" - there's nothing we can do to make the software work better under the restrictions imposed by IE in that setup."