Go Bananas!

The one and only banana blog.
Put on your safety goggles.

CodeIgniter FlashData and Chrome

Posted February 20th, 2015 @ 6:08 PM by

How the favicon effects flashdata in Google Chrome

One of the biggest roles that we have as developers comes from testing our work to make sure that the functionality is working as intended. This includes testing how the site handles good and bad data. Do the forms account for missing information, prevent XSS attacks, duplicate content, invalid data, etc? We also need to test across multiple platforms, devices, browsers and versions.

Recently I was integrating a custom payment gateway into a shopping cart built with CodeIgniter. Everything worked as it was intended to, until I tested in Chrome.

In the shopping cart checkout process, after the user enters payment details and views the preview page, a CodeIgniter Flashdata was set to indicate the user had viewed the preview page.

Flashdata sets a session variable that is only valid for 1 request, and then removes it.

In this case it would be used as one of the security measures to ensure that the payment processing was coming from the correct page. If it was not, it would redirect the user away from the checkout processing.

“Adding the favicon into the site fixed the issue.”

Once I submitted the payment in Chrome, the browser redirected the path away from the processing page. No other browser did that. Upon further troubleshoot I noticed that the script was not seeing the Flashdata.

After looking more into Chrome, it appears that the browser attempts to automatically load favicon. In this particular site which was still under development, the favicon was missing  – causing Chrome to load the site 404 page – which used up the Flashdata request, causing the payment page to not see the Flashdata and then be redirected.

Adding the favicon into the site fixed the issue.

Eric Lozaga

Eric made his first website in 1994 to the tune of Angelfire and never looked back. While stationed in Hawaii during his time in the military, he started to teach himself the LAMP stack and continued to improve until he finished his enlistment in 2006. At that time he began freelancing while also working a range of development positions, from small web development companies to large advertisement agencies.