External Site Cookies
I am trying to use this plugin to put our external e-commerce site onto a Wordpress main site.
Wordpress test site: http://vintagedesklamp.co.uk/samco/
E-commerce site: https://samcosport.keekmerch.com/
I can get the iframe to work but the cookies required to add to cart and sign in don't work.
I have tried the Safari cookie fix but that causes Safari to try and load the _safari_fix.html file constantly ( https://samcosport.keekmerch.com/img/_safari_fix.html).
Using the external workaround causes the iframe to redirect to the e-commerce site.
Can someone walk me through all the options to get this to work? I want the install on the final production site for the client to go smoothly.
If I get to your site I see in the console that you have enabled the resize for the same domain.
The problem you have is described here:
So you main problem is that in your commerce site the cookies are not set properly. they are not secure and also samesite is set the lax for many. Can you change the cookies? If not you can try adopting the .htaccass so that the cookies are set properly. One issue can be the the cookies have set lax already. so I don't know if the rewrite does work. So you have to try this.
The safari fix cannot work if the cookies are rejected in the first place.
Thanks for the reply. I have this in the .htaccess file on the commerce site:
<IfModule mod_headers.c> Header always edit Set-Cookie ^(.*)$ $1;Secure;SameSite=None Header always append X-Frame-Options ALLOW-FROM vintagedesklamp.co.uk Header always append X-Frame-Options ALLOW-FROM samcosport.com </IfModule>
Should that work?
Allow-From will most likely throw an error.
https://caniuse.com/x-frame-options actually not really supported.
About the cookie. You need to test. As I have written here:
is seems depending on your server you need to use a different syntax.
So simply try. You see in the developer tools how you cookies look like.
Best regards, Michael
I'm afraid I am still having trouble with this. I can see that the cookies from the ecommerce ( https://samcosport.keekmerch.com ) store are secure and have SameSite=None (see attached) and it works in Firefox, but I cannot get it to work in Chrome or Edge. Could you walk me through the settings I need please? What have I done wrong? If I set the Safari URL to all:src it just opens the ecommerce site, not the page with the iFrame.