cancel
Showing results for 
Search instead for 
Did you mean: 

Save Billing - 403 Forbidden Error

Save Billing - 403 Forbidden Error

A few customers have complained about not being able to proceed pass the billing section of onepage checkout and being redirected to the Cart page.

 

I managed to reproduce this and am seeing the following in my Apache logs:

 

./ssl_access_log:69.73.*.* - - [29/Aug/2016:09:08:00 -0400] "GET /checkout/onepage/progress/?prevStep=billing HTTP/1.1" 200 403
./ssl_access_log:69.73.*.* - - [29/Aug/2016:09:22:36 -0400] "GET /checkout/onepage/progress/?prevStep=billing HTTP/1.1" 200 403
./ssl_access_log:69.73.*.* - - [29/Aug/2016:09:25:34 -0400] "GET /skin/adminhtml/default/enterprise/images/varien_logo.gif HTTP/1.1" 200 403
./ssl_access_log:69.73.*.* - - [29/Aug/2016:09:29:43 -0400] "GET /checkout/onepage/progress/?prevStep=billing HTTP/1.1" 200 403 
./ssl_access_log:69.73.*.* - - [29/Aug/2016:09:35:17 -0400] "POST /checkout/onepage/saveBilling/ HTTP/1.1" 403 20
./ssl_access_log:69.73.*.* - - [29/Aug/2016:09:38:38 -0400] "POST /checkout/onepage/saveBilling/ HTTP/1.1" 403 20
./ssl_access_log:69.73.*.* - - [29/Aug/2016:09:42:15 -0400] "GET /checkout/onepage/saveBilling/ HTTP/1.1" 403 20
./ssl_request_log:[29/Aug/2016:09:08:00 -0400] 69.73.*.* TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256 "GET /checkout/onepage/progress/?prevStep=billing HTTP/1.1" 403
./ssl_request_log:[29/Aug/2016:09:22:36 -0400] 69.73.*.* TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256 "GET /checkout/onepage/progress/?prevStep=billing HTTP/1.1" 403
./ssl_request_log:[29/Aug/2016:09:25:34 -0400] 69.73.*.* TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256 "GET /skin/adminhtml/default/enterprise/images/varien_logo.gif HTTP/1.1" 403
./ssl_request_log:[29/Aug/2016:09:29:43 -0400] 69.73.*.* TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256 "GET /checkout/onepage/progress/?prevStep=billing HTTP/1.1" 403

 

It isn't obvious to me what I should troubleshoot next - is this a session issue?

 

How To Reproduce:

  1. Login
  2. Add 5 items to cart (I'm testing with products over $100)
  3. Proceed to checkout
  4. Proceed past billing -- throws 403, redirects to cart view.

 

EDIT:

 

I do see the code below in Mage_Checkout_Onepagecontroller. If anyone has any insight into why the session might be expiring during checkout, if it is at all, I'd love to hear it. In the meantime, I'll report back with any other findings.

    /**
     * Send Ajax redirect response
     *
     * @return Mage_Checkout_OnepageController
     */
    protected function _ajaxRedirectResponse()
    {
        $this->getResponse()
            ->setHeader('HTTP/1.1', '403 Session Expired')
            ->setHeader('Login-Required', 'true')
            ->sendResponse();
        return $this;
    }