In the checkout page, order summary frame shows endless loading for cached nonce

If your host is serving cached pages (e.g. with Varnish) this could cause the issue. When the ajax request is made there is a security nonce included with it (https://github.com/woocommerce/woocommerce/blob/84965af5e3b8c3fd92442b4a0765fcc20ce9438b/assets/js/frontend/checkout.js#L289). This nonce is periodically expired and a new one is created. If this nonce has expired you will get the error you are seeing if you try and use it, which would happen if the host was serving cached pages. Hope this helps.

Thanks to your suggestion I checked the configuration of the hosting server and it was serving cached pages with SuperCache so I disabled it completely. Then I made sure that W3 Total Cache plugin was disabled and tried again.

Sadly nothing changed, the XHR request is still returning “-1”.
Here are the request headers:

GET /homepage/?wc-ajax=update_order_review HTTP/1.1
Host: mysite
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.115 Safari/537.36
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Referer: https://mysite/
Cookie: woocommerce_recently_viewed=4107; woocommerce_items_in_cart=1; woocommerce_cart_hash=5e13c537712460328de27639b4775792; wp_woocommerce_session_fb7619d5f9dbfb6b7e53950b21351237=af59e3b8eee76a79d26b9a113f63bbda%7C%7C1538405936%7C%7C1538402336%7C%7C8628e6225ad3386f992fd33635aa1b32
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

Why did it do the request to /homepage/? Shouldn’t be doing the request to some woocommerce plugin page?
Note that in the root directory the .htaccess file has this rule: “Redirect /index.html /homepage/”.

Here are the response headers:

HTTP/2.0 403 Forbidden
server: nginx
date: Sat, 29 Sep 2018 15:00:28 GMT
content-type: text/html; charset=UTF-8
x-robots-tag: noindex
x-content-type-options: nosniff
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie: woocommerce_items_in_cart=1; path=/
woocommerce_cart_hash=5e13c537712460328de27639b4775792; path=/
wp_woocommerce_session_fb7619d5f9dbfb6b7e53950b21351237=af59e3b8eee76a79d26b9a113f63bbda%7C%7C1538405936%7C%7C1538402336%7C%7C8628e6225ad3386f992fd33635aa1b32; expires=Mon, 01-Oct-2018 14:58:56 GMT; Max-Age=172708; path=/
woocommerce_items_in_cart=1; path=/
woocommerce_cart_hash=5e13c537712460328de27639b4775792; path=/
wp_woocommerce_session_fb7619d5f9dbfb6b7e53950b21351237=af59e3b8eee76a79d26b9a113f63bbda%7C%7C1538405936%7C%7C1538402336%7C%7C8628e6225ad3386f992fd33635aa1b32; expires=Mon, 01-Oct-2018 14:58:56 GMT; Max-Age=172708; path=/
host-header: 192fc2e7e50945beb8231a492d6a8024
X-Firefox-Spdy: h2

Are the fields “expires” and “cache-control” (the first ones) normal? Maybe 11 Jan 1984 is a bit old, isn’t it?

I tried to make the request also with a different browser:
(request)

GET https://mysite/homepage/?wc-ajax=update_order_review HTTP/1.1
Accept: */*
Referer: https://mysite/checkout/
Origin: https://mysite
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/538.1 (KHTML, like Gecko) QupZilla/1.8.9 Safari/538.1
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

(form data)

security=09035d0cc5&payment_method=paypal&country=IT&state=&postcode=&city=&address=&address_2=&s_country=IT&s_state=&s_postcode=&s_city=&s_address=&s_address_2=&has_full_address=false&post_data=billing_first_name%3D%26billing_last_name%3D%26billing_company%3D%26billing_country%3DIT%26billing_address_1%3D%26billing_address_2%3D%26billing_city%3D%26billing_state%3D%26billing_postcode%3D%26billing_phone%3D%26billing_email%3D%26shipping_first_name%3D%26shipping_last_name%3D%26shipping_company%3D%26shipping_country%3DIT%26shipping_address_1%3D%26shipping_address_2%3D%26shipping_city%3D%26shipping_state%3D%26shipping_postcode%3D%26order_comments%3D%26shipping_method%255B0%255D%3Dflat_rate%253A1%26payment_method%3Dpaypal%26woocommerce-process-checkout-nonce%3Da6644d1faf%26_wp_http_referer%3D%252Fcheckout%252F&shipping_method%5B0%5D=flat_rate%3A1

(response)

Access-Control-Allow-Credentials:true
Access-Control-Allow-Origin:https://mysite
Cache-Control:no-cache, must-revalidate, max-age=0
Connection:keep-alive
Content-Type:text/html; charset=UTF-8
Date:Sat, 29 Sep 2018 15:21:42 GMT
Expires:Wed, 11 Jan 1984 05:00:00 GMT
Host-Header:192fc2e7e50945beb8231a492d6a8024
Server:nginx
Set-Cookie:woocommerce_items_in_cart=1; path=/
Set-Cookie:woocommerce_cart_hash=241875efe03875451293fc845026a03d; path=/
Set-Cookie:wp_woocommerce_session_fb7619d5f9dbfb6b7e53950b21351237=b9d62d119ec9f5716c4c4d9d1c2ce5e9%7C%7C1538407276%7C%7C1538403676%7C%7C4987d91663f29677a9116930602ca6af; expires=Mon, 01-Oct-2018 15:21:16 GMT; Max-Age=172774; path=/
Set-Cookie:woocommerce_items_in_cart=1; path=/
Set-Cookie:woocommerce_cart_hash=241875efe03875451293fc845026a03d; path=/
Set-Cookie:wp_woocommerce_session_fb7619d5f9dbfb6b7e53950b21351237=b9d62d119ec9f5716c4c4d9d1c2ce5e9%7C%7C1538407276%7C%7C1538403676%7C%7C4987d91663f29677a9116930602ca6af; expires=Mon, 01-Oct-2018 15:21:16 GMT; Max-Age=172774; path=/
Transfer-Encoding:chunked
X-Content-Type-Options:nosniff
X-Robots-Tag:noindex

Does this provide some useful information?
Thanks for your interst.

• This reply was modified 6 years, 5 months ago by nic0net.

Hi,
I confirm that, server side, Siteground’s technicians said they disabled all the caches for my site. I deleted w3 total cache plugin and disabled the other plugins. Anyway the page is still there endless loading.
I hope that soon somebody will find out something, I can’t be the only one with this problem.
Thanks anyway to who tried to help until now.

Hi @nic0net

Can you create a new install with SiteGround and install WooCommerce and activate the TwentySeventeen theme, then tell us if you have the same issue?

Hi,

I’m trying to set up another install both on localhost and with SiteGround to see where is the problem. I’ll get in touch as soon as possible.

Do keep us updated on this please.

I finally solved the problem, it was originated by the redirect rule in the .htaccess file under root directory: “Redirect /index.html /homepage/”.

I’m sorry to have bothered you for a distraction like that,
Thank you anyway.

I’m having the exact same issue where random users keep having a white overlay on the checkout page. Can’t figure out what the problem is. Have deleted user sessions, transients, disabled all caching and turned on/off several plugins.

When I was remote-desktopping a user that was experiencing the issue he also had the -1 returned on the pageload check.

I can’t for the life of me figure out what is going on and how to fix this.

Even the hosting turned off Varnisch Cache to be absolutely certain everything is generated on the get-go.

Could you elaborate how the redirect was interfering with your nonce check?

I had this issue, and here’s what was happening to my site. Once a customer got to the checkout page and logged in as a returning customer, spinning wheels got stuck over the credit card (Stripe) area with the same error as described by @nic0net.

In a single site build, a solution on another thread was to remove these lines from your wp-config file:
define( ‘ADMIN_COOKIE_PATH’, ‘/’ );
define( ‘COOKIE_DOMAIN’, ” );
define( ‘COOKIEPATH’, ” );
define( ‘SITECOOKIEPATH’, ” );

In my case, I received the checkout error on my multisite build. I need some of those lines to prevent an admin redirect loop. After some trial and error, keeping these lines solved the problem and allowed admin login:
define(‘ADMIN_COOKIE_PATH’, ‘/’);
define(‘COOKIE_DOMAIN’, false);
define(‘SITECOOKIEPATH’, ”);

Removing define(‘COOKIEPATH’, ”); makes moving from one site to another in the admin break a bit – possibly due to the domain mapping plugin is setup. Logging into a child site on another browser is my workaround until the cookie issues are sorted out.

Regarding what happened to me I think that the Ajax request was made to the wrong page because of the redirect. As you can see my request was made to /homepage/?wc-ajax=update_order_review HTTP/1.1 but maybe should be made to /homepage/index.html?wc-ajax.... Note that there was a redirect from /index.html to /homepage.