search

magento / magento2

Prior to making any Submission(s), you must sign an Adobe Contributor License Agreement, available here at: https://opensource.adobe.com/cla.html. All Submissions you make to Adobe Inc. and its affiliates, assigns and subsidiaries (collectively “Adobe”) are subject to the terms of the Adobe Contributor License Agreement.
http://www.magento.com
Open Software License 3.0
11.56k stars 9.32k forks source link

Custom ajax calls reset customer data on checkout (Magento 2.2.x) #12312

Closed atsareva closed 7 years ago

atsareva commented 7 years ago

Hi guys!

Recently I've updated a magento project with 2.2 version and noticed the next issue. If you add some products to cart and go to checkout page,fill shipping address, go to the next step and then reload a page, customer data is disappeared. So customer can't place order because he doesn't have an address but he also doesn't see any errors.

Further investigations show that this issue happened due to ajax calls on the checkout page. Our project contains a lot of extensions which use ajax (type: 'post') to set some data e.g popup extension to set a cookie, GTM - to build an additional block to track checkout steps, payment provider - to update some fields, etc... When I disabled these extension, checkout works like it should.

I've installed clean version of magento 2.2.0 with sample data and hardcoded the next ajax call to the onepage.phml 

<script type="text/javascript">
        require(['jquery'], function(){
            jQuery.ajax({
                url: '<?php echo $block->getUrl('test/test/index'); ?>',
                type: "POST",
                dataType: 'json',
                context: this,
                data: {
                    isAjax: 'true'
                }
            });
        })

Controller returns only one line - echo json_encode(['success' => true]); In this case a got the same error!

Note. This code was added only to test ajax. This issue occurs only if type of ajax is POST.

Steps to reproduce

  1. Add some product to the cart
  2. Go to checkout
  3. Fill shipping address
  4. Go to the next step
  5. When the second step is loaded, press F5 and customer data is reset, please look at screen checkout

Also you can get the same issue, when 1,2,3,4. The same

  1. Go to home/cart/category/product pages
  2. Return to the first step of checkout - all fields will be empty

Preconditions

  1. Magento 2.2.x with sample data
  2. Popup pro 1.1.0
  3. PHP Version 7.0.22-0ubuntu0.16.04.1
  4. mysql Ver 14.14 Distrib 5.7.20, for Linux (x86_64)
  5. Apache/2.4.18 (Ubuntu)

Thanks, Alena Tsareva

josh-nh commented 7 years ago

I wonder if this issue is in anyway related to this one: https://github.com/magento/magento2/issues/11314?

The steps to recreate are similar. @atsareva - just out of curiosity are you using Varnish?

atsareva commented 7 years ago

Hi @josh-nh, This is another issue and it depends only on ajax calls with post type on the checkout. Also this issues occurs only for guests and customer's data object is reset on the front. Therefore customer and quote sessions are ok. I faced this issue on my local env with magento fresh installation (without Varnish).

ghost commented 7 years ago

@atsareva we have the same issue on our project, it's driving us insane.

magento-engcom-team commented 7 years ago

@atsareva, thank you for your report. We were not able to reproduce this issue by following the steps you provided. If you'd like to update it, please reopen the issue. We tested the issue on 2.3.0-dev, 2.1.10, 2.2.1

atsareva commented 7 years ago

Hi @magento-engcom-team ,

I've tested this issue on magento 2.2.0 and 2.2.1 too and reproduced on both versions.

However I've reinstalled magento again

magento_version

added ajax (type: POST) call to vendor/magento/module-checkout/view/frontend/templates/onepage.phtml

onepage

created controller

test_controller

fill address on the first step of checkout and go the second page

checkout

press F5

checkout_after_f5

but any errors in console or in the log, also ajax got 200 response

checkout_after_f5_console

I understand that this is not typical issue. We had to update project from 2.1.9 to 2.2.0 to fix some critical issue with disappearing products during reindex. But now we stuck with this issue. Because a about 4 important extension uses ajax on the checkout.

Thanks, Alena Tsareva

atsareva commented 6 years ago

Hi @magento-engcom-team, Please could your reopen this issue and try to reproduce again. In the comment above I've attached a lot of screenshots, maybe this is help you.

I think this is some security issue, because AJAX with GET type works fine instead of AJAX with POST.

Recently we got a patch for popup extension. They also reproduced this issue and changed POST calls with GET.

Thanks, Alena Tsareva

mvaisberg commented 6 years ago

@atsareva did you fixed this issue? it happend to me too

atsareva commented 6 years ago

Hi @mvaisberg , I've found all ajax calls on checkout and replaced 'POST' type with 'GET' one. This is temporary solution, but it works.

mvaisberg commented 6 years ago

@atsareva Thanks for answering!

I just found one 'POST' and replaced with 'GET' on

vendor/magento/module-checkout/view/frontend/web/js/sidebar.js line 258.

Did you remember someone else?

atsareva commented 6 years ago

@mvaisberg hm...in my case it was only due to custom extensions, as I remember custom payment method, google analytics and popup extensions. I didn't face with this issue using default magento.

mekedron commented 5 years ago

Hello, Magento Page Cache module changes privat content version cookie each post request. So make a plugin for this place and add your check: http/vendor/magento/framework/App/PageCache/Version.php