boltapp / bolt-magento1 Goto Github PK

Is it compatible with Magento enterprise?

Preconditions

Magento 1.9x
Bolt Latest Community V1.3

Issue

<default> <reference name="head"> <block type="boltpay/checkout_boltpay" name="track_script" as="track_script" template="boltpay/track.phtml" /> <block type="boltpay/checkout_boltpay" name="connect_js_script" as="connect_js" template="boltpay/connectjs.phtml"/> <block type="boltpay/checkout_boltpay" name="replace_script" as="replace_script" template="boltpay/replace.phtml"/> <block type="core/template" name="bolt_popup" as="bolt_popup" template="boltpay/popup.phtml"/> </reference> </default>
The Boltpay/popup.phtml template is being inserted into the HEAD with HTML Structural Markup. This is not semantic, valid markup. Causing premature HEAD closure by browsers.

Any HTML Structural Markup should be in the BODY.

A good block to reference instead of 'head' , would be on 'after_body_start' or 'before_body_end' as these are within the body tag.
<reference name="after_body_start">

From W3 Validator:

ERROR: Stray end tag head.
ERROR: Start tag body seen but an element of the same type was already open.
ERROR: Cannot recover after last error. Any further errors will be ignored.

This issue was automatically created by Allstar.

Security Policy Violation
Security policy not enabled.
A SECURITY.md file can give users information about what constitutes a vulnerability and how to report one securely so that information about a bug is not publicly visible. Examples of secure reporting methods include using an issue tracker with private issue support, or encrypted email with a published key.

To fix this, add a SECURITY.md file that explains how to handle vulnerabilities found in your repository. Go to https://github.com/BoltApp/bolt-magento1/security/policy to enable.

For more information, see https://docs.github.com/en/code-security/getting-started/adding-a-security-policy-to-your-repository.

This issue will auto resolve when the policy is in compliance.

Issue created by Allstar. See https://github.com/ossf/allstar/ for more information. For questions specific to the repository, please contact the owner or maintainer.

Preconditions

Magento 1.9x
Bolt Latest Community V1.2.0.1

Steps to reproduce

Add Estimated Country/State/Zip (City is NOT required) for estimates..
Estimate
Select Estimate
Update Totals

Expected result

Should be added with proper price.

Actual result

It adds the proper method, but the price is always $0

Preconditions

Magento 1.9x
Bolt Latest Community V1.2.0.1

Steps to reproduce

Add to cart, go to cart, go to another page, go back to cart. Repeat.

Expected result

The SAME quote should be updated when cart actions are triggered... there is NO reason to create a NEW quote, just UPDATE the existing quote...

Actual result

New quotes are created with references to the 'old' quotes..
This causes the Abandoned Cart Reports to start showing duplicated carts abandoned..
sales_flat_quote and it's related tables now grow exponetially in size.. as new records are created for each visit to checkout/cart ... not good
3rd partymodules and other extensions that rely on sales_flat_quote are now all having duplicated records pulled in..
I got 8 abandoned cart emails from ONE cart, ONE site visit..

GitHub Releases

Please limit releases to once a month.. having to update a module every week is not fun..

Preconditions

Magento 1.9x
Bolt Latest Community V1.3.8

Issue

The setHeader calls are assuming no other native or third-party modules have already set Headers on response. It does not overwrite the existing Content-type if a header is already set, resulting in errors when Bolt makes AJAX calls to prefetchEstimateAction in app/code/community/Bolt/Boltpay/controllers/ShippingController.php

PHP Warning: Cannot modify header information - headers already sent in Unknown on line 0

Should be calling clearHeaders() as part of the method chain
$this->getResponse()->clearHeaders()->setHeader('Content-type', 'application/json');