Notifications
Clear all

External Site Cookies

Page 1 / 4

Posts: 10
Topic starter
(@tonyb6000)
Active Member
Joined: 4 weeks ago

I am trying to use this plugin to put our external e-commerce site onto a Wordpress main site.

Wordpress test site: http://vintagedesklamp.co.uk/samco/

E-commerce site: https://samcosport.keekmerch.com/

I can get the iframe to work but the cookies required to add to cart and sign in don't work.

I have tried the Safari cookie fix but that causes Safari to try and load the _safari_fix.html file constantly ( https://samcosport.keekmerch.com/img/_safari_fix.html).

Using the external workaround causes the iframe to redirect to the e-commerce site.

Can someone walk me through all the options to get this to work? I want the install on the final production site for the client to go smoothly.

 

Thanks

19 Replies
TinyWebGallery
Posts: 399
Admin
(@admin)
Administrator
Joined: 12 years ago

Hi,

If I get to your site I see in the console that you have enabled the resize for the same domain.

The problem you have is described here:

http://www.tinywebgallery.com/blog/advanced-iframe/advanced-iframe-pro-demo/how-to-use-the-samesite-cookie-fix

So you main problem is that in your commerce site the cookies are not set properly. they are not secure and also samesite is set the lax for many. Can you change the cookies? If not you can try adopting the .htaccass so that the cookies are set properly. One issue can be the the cookies have set lax already. so I don't know if the rewrite does work. So you have to try this.

The safari fix cannot work if the cookies are rejected in the first place.

Best regards,

Michael

 

Reply
Posts: 10
Topic starter
(@tonyb6000)
Active Member
Joined: 4 weeks ago

Hi Michael

Thanks for the reply. I have this in the .htaccess file on the commerce site:

<IfModule mod_headers.c>
Header always edit Set-Cookie ^(.*)$ $1;Secure;SameSite=None
Header always append X-Frame-Options ALLOW-FROM vintagedesklamp.co.uk
Header always append X-Frame-Options ALLOW-FROM samcosport.com
</IfModule>

Should that work?

Reply
TinyWebGallery
Posts: 399
Admin
(@admin)
Administrator
Joined: 12 years ago

Allow-From will most likely throw an error.

https://caniuse.com/x-frame-options   actually not really supported.

About the cookie. You need to test. As I have written here:
http://www.tinywebgallery.com/blog/advanced-iframe/advanced-iframe-pro-demo/how-to-use-the-samesite-cookie-fix

is seems depending on your server you need to use a different syntax.

So simply try. You see in the developer tools how you cookies look like.

Best regards, Michael

 

Reply
Posts: 10
Topic starter
(@tonyb6000)
Active Member
Joined: 4 weeks ago

Hi Michael

I'm afraid I am still having trouble with this. I can see that the cookies from the ecommerce ( https://samcosport.keekmerch.com ) store are secure and have SameSite=None (see attached) and it works in Firefox, but I cannot get it to work in Chrome or Edge. Could you walk me through the settings I need please? What have I done wrong? If I set the Safari URL to all:src it just opens the ecommerce site, not the page with the iFrame.

Reply
Page 1 / 4