Version: unspecified
Severity: normal
Description
Details
- Reference
- bz25194
Event Timeline
When a user first arrives to the credit card gateway, a session is created for them to store a token to help prevent CSRF. When a user goes all the way through the flow and arrive at a thank you or payment error page, their session is unset. If they click the back button to go back to the form, fill it out and then submit it, they are warned that their session has expired and the page is reloaded, requiring them to completely fill out the form again if they wish to resubmit.
This experience should be cleaned up and made more transparent to the user, as the more steps required for a user to go through to make a donation, the less likely they are to actually donate.
This was resolved with the rewrite of DonationInterface which included improved session handling.