Lightning Roulette rules,Kurdish traditional clothes male.Recharge Every day and Get Bonus up-to 50%!

strictly-software
(@strictly-software)

9 years, 2 months ago

Hi

I have been informed by a customer (and confirmed it myself) that there is a problem with IE and non protocol specific domains e.g //www.paypal.com.

I know your button outputs them as https:// but something (I haven’t been able to narrow it down, it could be WordPress or a caching plugin, although I’ve not been able to find one that causes it) is changing the DOM so that if you view the source on the page containing the buttons (which is an HTTP page e.g no SSL), the FORM Actions changes from HTTPS to // e.g https://www.paypal.com becomes //www.paypal.com.

Therefore when a user clicks the button you first go to the HTTP domain on PayPal then get redirected to the HTTPS domain on PayPal.

Whilst Chrome and FireFox handles this correctly and pass all FORM data across correctly IE seems to have an issue and some of the encrypted button becomes malformed.

For example if I view the FORM data being posted in the developer toolbar (F12) it shows a Chinese character where the characters after BEGIN should be.

E.G in the FORM (and Chrome/FF redirects, it’s)

—–BEGIN PKCS7—–MIILQQYJKoZIhvcNAQcEoIILMjCCCy4CAQExgg….

but in IE it’s

—–BEGIN?—-MIILQQYJKoZIhvcNAQcEoIILMjCCCy4CAQExgg….

So the PKCS7 is going missing for some reason and being replaced by a Chinese character for some reason. I don’t know why it thinks it’s a chinese character but I do know from looking at the HTTP Request and Response headers that IE is only requesting an English/ASCII character set en-GB and getting back text/html as the Response, whilst Chrome is requesting more character sets and getting back UTF-8.

A detailed explaination with a JavaScript workaround that fixes the bug by converting any HTTP PayPal domains in FORM ACTIONS to HTTPS can be found on this blog posting of mine.

I don’t know who is to blame but I have ruled out WP Super Cache and Cloudflare.

Just thought I would let you know in case other people have the same issue.

https://blog.strictly-software.com/2015/09/ie-bug-with-non-protocol-specific-urls.html

The topic ‘IE bug with non protocol specific OR http to https cross domain posting to PayPa’ is closed to new replies.

Tags