Bug 17885 - Shopping cart broken on a major outlet
Summary: Shopping cart broken on a major outlet
Status: NEW
Alias: None
Product: WebKit
Classification: Unclassified
Component: New Bugs (show other bugs)
Version: 528+ (Nightly build)
Hardware: Macintosh OS X 10.5
: P2 Normal
Assignee: Nobody
URL: http://www.morecomputers.com/extra.as...
Keywords: InRadar
Depends on:
Blocks:
 
Reported: 2008-03-16 17:33 PDT by tim bates
Modified: 2008-03-18 05:57 PDT (History)
1 user (show)

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description tim bates 2008-03-16 17:33:38 PDT
1. browse to the URL given in this bug report
2. You will see an opportunity to put the chosen item in your shopping basket (press the "BUY" button).

EXPECTED: item added to shopping basket
note, you don't need to register to do this, and it will not commit you to anything (and the bug means that it will not work anyhow :-)

OBTAINED: You get dumped into a "nothing in your basket" error page.

The site is a large online retailer and B2B operation, so might be worth seeing why their shopping system is broken on Safari.
Comment 1 Alexey Proskuryakov 2008-03-17 01:02:21 PDT
When opening the bug URL, I'm just redirected to a blank page.
Comment 2 Robert Blaut 2008-03-17 01:17:05 PDT
The reported URL redirects to http://www.morecomputers.com/blank.html in Webkit and in Firefox too. Resolved as INVALID. 

tim, feel free to reopen the bug if you provide working test case.
Comment 3 Mark Rowe (bdash) 2008-03-17 16:44:11 PDT
I can reproduce this in both Safari 3.0 and TOT WebKit.
Comment 4 Mark Rowe (bdash) 2008-03-17 16:47:56 PDT
As noted in the original report, this does not occur in Firefox.
Comment 5 Mark Rowe (bdash) 2008-03-17 16:48:14 PDT
<rdar://problem/5803997>
Comment 6 tim bates 2008-03-18 05:57:58 PDT
Turns out this happens only when security prefs are set to accept cookies ONLY from sites that the user navigates too. If cookies are off, the site throws a "turn cookies on" dialog. If cookies are on without restriction, the site works, but this "off-site" cookie prohibition is not detected by the site.

(As the shopping system is on a different server, this blocks the cart)

What is broken, then, is not the behavior, but perhaps the failure to let the user know that their preference is breaking the site and too allow an exception: It would be nice to flag for the user that the app tried to set a cookie, and give the option to allow it. 

One solution (for Safari, I guess, not webkit per-sé) would be to have a setting "ask user about off-site cookies"). Another would be to put a little icon in the tool bar flagging any override of site requests that have happened: this would allow the user to go in, and set a site-specific deviation from the general preference.