Checkout Page Not Secure

  • Siamak

    (@ohyeahdesigns)


    4 years, 2 months ago

    Hello, I was testing my checkout page today and I realized that if I copy the entire URL of the checkout page which is something like
    https://….org/checkout/order-received-successfully/…?key=wc_order_…
    to another browser, it brings up all the products ordered including details, etc. How do I prevent this from happening.

    I am using Gravity Forms with Woocommerce to sell logo design packages.

    Thanks

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Support EastOfWest a11n

    (@eastofwest)

    Hi there,

    It’s true that the order confirmation page would be accessible in that way, but it doesn’t reveal any information that could otherwise link it to a customer.

    Also, the key in the URL is random, and must match the order number. It would be very difficult to guess, and in the end for not much gain.

    Unless; does your order confirmation page show any particular details you feel links it to customers? And if so, is that information being added by 3rd party plugins you’re using?

    If you could share a screenshot that shows the problem, that would be helpful. You can upload the screenshot to your media library and share the link with us, or you can use a service like [Droplr](https://droplr.com/) or [CloudApp](https://www.getcloudapp.com/) to share the image file.

    Plugin Support EastOfWest a11n

    (@eastofwest)

    There hasn’t been a reply to this thread in a while, so I’ll go ahead and mark it resolved for now. If you require any more help though, do reach out to us again; we’re happy to help.

    Thread Starter Siamak

    (@ohyeahdesigns)

    Hello, sorry for the delay in reply.

    The checkout page includes details about the user as I am using Gravity Forms for product details.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Checkout Page Not Secure’ is closed to new replies.