Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.Checkout doesn't work if you create an url alias of 'cart/checkout'.
The reason is that 'uc_referer_check' doesn't check url aliases.
I've made a patch to correct this, but I'm not sure if it breaks any security lock, I hope not.
| Comment | File | Size | Author |
|---|---|---|---|
| uc_store.module.patch | 696 bytes | jherencia | |
Comments
Comment #1
rszrama CreditAttribution: rszrama commentedI generally don't recommend aliasing the checkout URLs, as who knows what else is depending on them. At this point, I'd postpone this patch as it's not something I want to have to go through the full debug process for this late in the development cycle of the 2.0.
Comment #2
Andy_Lowe CreditAttribution: Andy_Lowe commentedMy feeling is that the benefits of this feature do not out way the risk of introducing a security vulnerability in the checkout process.