Open praveen-gopal opened 11 months ago
Hi Praveen, Thanks for the update, we will check from our side and let you know. Mean while could you please update about the version details of our plugin and Magento that you are using now. And let us know if your are facing any issue because of this.
Thanks & Regards, Elavarasan Natarajan.
Hi @elavarasann ,
Magento 2.4.5 sapient/module-worldpay : 2.4.5-p10123
Currently we are performing the Qualys scan for our websites and as part of suggestion, we got request to set the httpOnly and secure attributes for envMode cookie, as the attributes are not added.
So, I am trying to understand whether the cookie can be updated or is it required.
Hi Praveen,
Basically this cookie was added to detect the env mode like live or test. Based on that we will switch the endpoint of payment gateway URL. But please give me some more time, I will check with my team and confirm about this.
Thanks & Regards, Elavarasan Natarajan.
OK @elavarasann, Please check and let me know about the cookie details.
HI @elavarasann , Did you get a chance to check in with your team about the cookie?
Hi Praveen, we have checked from our side, the cookie is used in Samsung Pay. If you are removing this cookie then it will affect in Samsung Pay.
Hi @elavarasann, We are using the worldpay payment, if we remove the "envMode" cookie or add the "secure" attribute to the cookie it will affect any worldpay payment related flow / functionality?
Hi @praveen-gopal , This will only impact Samsung Pay, Payment method and rest all will work smoothly.
We will consider a fix to tis issue in Q1-2024
Hi Team,
Could you please help me to understand the usage of "envMode" cookie?
From the file below, we found that the envMode cookie is created, but could not find out where it is being used.
Please refer the attached screenshot.
https://github.com/Worldpay/Worldpay-Magento2-CG/blob/master/view/frontend/templates/webpayment.phtml
Thanks Praveen