Hello @daivymerlijs
Nonce validation is a security feature and happens in many different parts of the plugin. Sometimes, this can be related to caching, but normally this should not be a problem that causes problems with payment itself and essentially, this error doesn’t point us toward any potential cause. It would be crucial to know if you can reproduce the error and under what circumstances it occurs.
If we are able to reproduce it, we can then investigate what causes it and find a solution easily.
Bayond this, it will be helpful if you could share your current System Status Report. You can get it by navigating to the WooCommerce / Status section of your site. Once there, click on the Get system report button and then copy it by clicking on the Copy for support button.
Please provide those log entries on our PrivateBin. After uploading, paste here the link, so we can review them in detail.
Looking forward to hearing from you.
Kind regards,
Krystian
Hello @inpsydekrystian ,
I installed the 2.8.1-rc1 version of your plugin which includes the following fix :
Enhancement - Prevent script caching & minification from Litespeed Cache and W3 Total Cache plugins #2316
It seems it fixed my issue. I advise all people using Litespeed plugin to use this release candidate version before stable version is out.
Hello @daivymerlijs
Thank you for your feedback.
It’s great to hear that the current enhancements are working as intended. Please let us know if any further issues arise.
Kind regards,
Krystian
@inpsydekrystian Unfortunately, I was wrong. It seems it did not solve my issue, actually.
I can’t reproduce the error because I have no idea what causes it. It happens randomly.
Here is the private bin : https://privatebin.syde.com/?6bc0505f4e94d303#6Q96emLRcCerYtvhw8FMwpNxLXKNE7Lzonz2FqrfcnZy
I think I have an idea why this problem occurs. My Litespeed cache TTL is set to one year, and I use Paypal buttons on my products pages. However, nonces default TTL is set to 12 hours : since my Litespeed cache does not expire after 12 hours, nonces start to expire and can’t be validated (and then, the problem occurs).
However, Litespeed plugin has ESI support, especially for Nonces : https://prnt.sc/mSy6Y8-yxF0l
If you can give me the name of the nonces, I can add them to ESI and the problem will probably be fixed.
As for your plugin’s code, you can also use Litespeed API to add a ESI Nonce as detailled here : https://docs.litespeedtech.com/lscache/lscwp/api/#convert-custom-nonce-to-esi
Since nonces should not be cached, another workaround would be to modify button.js code and using Litespeed cache API (or other cache plugins API) to not store paypal button nonces in cache.
Hello @daivymerlijs
Your idea to use ESI support for nonces is a good one. However, we currently don’t have the names of the nonces used by our plugin available. While implementing ESI for nonces is a potential solution, it’s not something we’ve explored in depth yet.
In any case, the best approach would be to disable caching on pages where PayPal buttons are present. And that’s what we can recommend. We may investigate the compatibility of our plugin with Litespeed’s ESI in the future, but it is not on our development roadmap at the moment.
Please let us know if you have further questions.
Kind Regards,
Krystian
@inpsydekrystian Maybe you should using AJAX for creating nonce for Paypal Button, instead of a PHP request to create one.
Since caching plugins don’t cache AJAX but only PHP, this should fix the issue.
Hello @daivymerlijs
I have discussed this approach with our development team, and while it might solve the current problem, implementing such a change would require significant development effort. Additionally, this alteration could lead to other unforeseen issues. At this time, our developers have decided not to proceed with this solution.
Beyond this, I’ve created an issue to enhance compatibility with Litespeed ESI (nonce caching). We’ll keep this thread updated with any developments. For now, the best solution is to disable caching on all pages where smart buttons are used.
Thank you for your understanding.
Kind Regards,
Krystian
