One of the sites I work on has suddenly started having a problem where users get to the OPAY screen and get a message saying "Your session has timed out". After lots of tinkering I realized that Miva is not creating the basket-id and checkout-session cookies.
I was able to work around the issue by adding a meta tag to the basket page that creates the basket-id cookie, and another meta tag to the OSEL screen that creates the checkout-session cookie.
The missing checkout-session cookie is what caused the timeout error. On a working Miva installation, that cookie is created on the OSEL screen (I figured this out by tinkering with a Miva 9 demo store).
The only change I made to my settings was on Domain Settings > Domain Details > Cookie Settings > Non-secure Miva Merchant Cookie Output. It used to be "Set only on HTTP connections..." and I changed it to "Set on both HTTP and HTTPS connections..." - this is on purpose and needs to remain. However, out of curiousity, I changed it back, wiped all my cookies and started fresh, and still got the timeout error, so I don't think this has anything to do with it.
It seems like the system has just decided to stop creating these cookies on it's own, and I can't figure out why. I'm not the only one having this problem, we were alerted to it by customers calling, so I'm sure it's not a peculiarity of my computer or my web browser.
Anyone have any idea why the system would stop creating those cookies?
I was able to work around the issue by adding a meta tag to the basket page that creates the basket-id cookie, and another meta tag to the OSEL screen that creates the checkout-session cookie.
The missing checkout-session cookie is what caused the timeout error. On a working Miva installation, that cookie is created on the OSEL screen (I figured this out by tinkering with a Miva 9 demo store).
The only change I made to my settings was on Domain Settings > Domain Details > Cookie Settings > Non-secure Miva Merchant Cookie Output. It used to be "Set only on HTTP connections..." and I changed it to "Set on both HTTP and HTTPS connections..." - this is on purpose and needs to remain. However, out of curiousity, I changed it back, wiped all my cookies and started fresh, and still got the timeout error, so I don't think this has anything to do with it.
It seems like the system has just decided to stop creating these cookies on it's own, and I can't figure out why. I'm not the only one having this problem, we were alerted to it by customers calling, so I'm sure it's not a peculiarity of my computer or my web browser.
Anyone have any idea why the system would stop creating those cookies?
Comment