Solving Opencart samesite cookie problem Google Chrome on Windows

21 Dec

2020

Johan van de Merwe

Posted in Opencart

This article shows how to solve the 'samesite' cookie in issue in Opencart when using Microsoft Windows and Google Chrome or Edge with a simple VQMod modification.

After the latest update of Google Chrome (version 87.0.4280.88) our customer was not able to login to the admin of Opencart (version 3.0.3.6) without being thrown out everytime she wanted to add media to a product.

I couldn't reproduce the problem at first, while the customer works with Microsoft Windows and I am using Linux Ubuntu. The same disappointing resulting occured with the Microsoft Edge browser which is using the same webkit as Google Chrome.

After some searching on Google the following solution worked for us. I must say that the Opencart runs on a server with PHP version 7.3.

The solution below doesn't work with a PHP version lower than 7.3.

The problem

The problem that occurs was that the since now apparently required samesite and secure options have to be included when using Google Chrome (on Windows that is).

VQMod modification

I used VQMod modification manager to make a new modification changing the following files:

system/framework.php
catalog/controller/startup/session.php

The following code worked for me to keep a persistant cookie with the samesite attrubute checked.

You place the following code under a self chosen name like samesite-cookie-persistent.xml in the vqmod/xml folder in the root of your Opencart installation.

Don't use this if you don't have the VQMod plugin installed.

<?xml version="1.0" ?>

<modification>
    <id>Framework and catalog session samesite cookie</id>
    <vqmver>2.5.0</vqmver>
    <version>1.0</version>
    <author>J.J. van de Merwe</author>

    <file name="system/framework.php" error="log">
        <operation>
            <search position="replace">
                <![CDATA[
    setcookie($config->get('session_name'), $session->getId(), ini_get('session.cookie_lifetime'), ini_get('session.cookie_path'), ini_get('session.cookie_domain'));
                ]]>
            </search>
            <add action="after">
                <![CDATA[
    // ### Modified code: your-filename.xml ###             
    setcookie(
        $config->get('session_name'),
        $session->getId(),
        [
            'expires'  => ini_get('session.cookie_lifetime'),
            'path'     => ini_get('session.cookie_path'),
            'domain'   => ini_get('session.cookie_domain'),
            'secure'   => true,
            'httponly' => true,
            'samesite' => 'None'
        ]
    );
    // ### (End) Modified code ###
                ]]>
            </add>
        </operation>
    </file>

    <file name="catalog/controller/startup/session.php" error="log">
        <operation>
            <search position="replace">
                <![CDATA[
            setcookie($this->config->get('session_name'), $this->session->getId(), ini_get('session.cookie_lifetime'), ini_get('session.cookie_path'), ini_get('session.cookie_domain'));
                ]]>
            </search>
            <add action="after">
                <![CDATA[
            // ### Modified code: your-filename.xml ###   
            setcookie(
                $this->config->get('session_name'),
                $this->session->getId(),
                [
                    'expires'  => ini_get('session.cookie_lifetime'),
                    'path'     => ini_get('session.cookie_path'),
                    'domain'   => ini_get('session.cookie_domain'),
                    'secure'   => true,
                    'httponly' => true,
                    'samesite' => 'None'
                ]
            );
            // ### (End) Modified code ###
                ]]>
            </add>
        </operation>
    </file>
</modification>

Johan van de Merwe

More from same category

	Migrating SEO urls from Woocommerce to Opencart Opencart 29 Jun 2022 One of our customers migrated their webshop from Woocommerce to Opencart. This article shows how we solved the SEO friendly URL's of one of the migrat...
	Replace functions with OCMOD in Opencart Opencart 18 Jul 2019 In this article I will show how you can override a system helper function in Opencart without modifying the core (which you should never do).
	Custom libraries in Opencart (v2) Opencart 12 Aug 2019 Creating custom libraries in Opencart can be very helpful. Creating additional functionality with a library is easy. In this article is shown how to c...
	Using custom libraries in Opencart Opencart 29 Oct 2019 This article shows how you can use the power of a custom library in Opencart shoppingcart software. Custom libraries can isolate functionality to impr...
	Solving Opencart samesite cookie problem Google Chrome on Windows Opencart 21 Dec 2020 This article shows how to solve the 'samesite' cookie in issue in Opencart when using Microsoft Windows and Google Chrome or Edge with a simple VQMod...
	Opencart CLI Commands: Step-by-Step DIY guide Opencart 07 Jun 2024 The free to use Opencart shopping cart software doesn’t have a command line (CLI) implementation like Laravel or Craft CMS, but it is not hard to add...
	The power of the modification overrides in Opencart 2.x Opencart 20 Aug 2019 We really love Opencart shopping cart software. It is fast in performance and to a great extent quite flexible. In this article I would like to show h...
	Add image to the category list in the backend of Opencart with VQMod Opencart 26 Jan 2022 This article shows how to add a column to the admin category list containing the thumbnail of the category image with Opencart and VQMod.