Magento2: PayflowPro Checkout Broken with SameSite Cookie Changes from Chrome

Hi @sjb9774. Thank you for your report.
To help us process this issue please make sure that you provided the following information:

• [x] Summary of the issue
• [x] Information on your environment
• [x] Steps to reproduce
• [x] Expected and actual results

Please make sure that the issue is reproducible on the vanilla Magento instance following Steps to reproduce. To deploy vanilla Magento instance on our environment, please, add a comment to the issue:

@magento give me 2.4-develop instance - upcoming 2.4.x release

For more details, please, review the Magento Contributor Assistant documentation.

@sjb9774 do you confirm that you were able to reproduce the issue on vanilla Magento instance following steps to reproduce?

• [x] yes
• [ ] no

• Join Magento Community Engineering Slack and ask your questions in #github channel.

@magento give me 2.4-develop instance

Hi @sjb9774. Thank you for your request. I'm working on Magento 2.4-develop instance for you

Hi @sjb9774, here is your Magento instance.
Admin access: https://i-26840-2-4-develop.instances.magento-community.engineering/admin_a9f4
Login: b598bea6 Password: 2cfbfba2fea6
Instance will be terminated in up to 3 hours.

This is readily reproducible on a fresh 2.4-develop instance as well

I confirm this issue with PayPal Payflowpro, @magento-engcom-team please create internal issue and assign it on MPI team
@sjb9774 Thanks for reporting, the fix will be available till the end of the week

:white_check_mark: Confirmed by @sdzhepa
Thank you for verifying the issue. Based on the provided information internal tickets MC-31573 were created

Issue Available: @sdzhepa, _You will be automatically unassigned. Contributors/Maintainers can claim this issue to continue. To reclaim and continue work, reassign the ticket to yourself._

Hi @viktym. Thank you for working on this issue.
Looks like this issue is already verified and confirmed. But if you want to validate it one more time, please, go though the following instruction:

• [ ] 1. Add/Edit Component: XXXXX label(s) to the ticket, indicating the components it may be related to.

• [ ] 2. Verify that the issue is reproducible on 2.4-develop branch

  Details

  - Add the comment @magento give me 2.4-develop instance to deploy test instance on Magento infrastructure.
  - If the issue is reproducible on 2.4-develop branch, please, add the label Reproduced on 2.4.x.
  - If the issue is not reproducible, add your comment that issue is not reproducible and close the issue and _stop verification process here_!

• [ ] 3. If the issue is not relevant or is not reproducible any more, feel free to close it.

• Join Magento Community Engineering Slack and ask your questions in #github channel.

@viktym Thanks for working on this. Knowing that Chrome plans to start rolling this new behavior out as default to a limited userbase (I don't know how small or large this initial rollout may be) in the next few days should we be worried that Payflow checkout could be broken for potentially many Chrome users until the end of the week when your fix becomes available? Thanks again

@sjb9774
The initial solution is ready and moving to the QA stage.
I expect that we will be ready to provide a patch early next week

@viktym Thanks for your work on this, I look forward to seeing the fix soon

Hi @sjb9774, @viktym.

Thank you for your report and collaboration!

The issue was fixed by Magento team. The fix was delivered into magento/magento2:2.3-develop branch(es).
Related commit(s):

• 231ba74c725a4e7d4171b2735f7eb2808a5f4c98
• c94ad766ac30e827c456ad47bf81526c72bf5f50

The fix will be available with the upcoming 2.3.5 release.

@viktym the above commits 404 for me, presumably because they are commits to an internal branch I cannot view -- can you post a patch file here when you have a moment?

@viktym any word on a patch for this?

Documenting the patch provided for this issue by Magento support here:

https://gist.github.com/sjb9774/971a28d309dee2f24b853c84e0295693
edit: linking to gist as patch is somewhat large

Thanks @sjb9774 for patch publication
Forward-port in 2.4-develop will be created nearest time

@sjb9774 The patch works well for desktop but does not work for mobile.

@LuoLily interesting, I'm not sure why it would operate differently on mobile. Can you provide more information about its behavior on mobile?

@sjb9774 After place order, it keep loading with spinning

@LuoLily I tested this patch on an iPhone X simulator and did not see if the issue you're reporting.

Hi @sjb9774, @viktym.

Thank you for your report and collaboration!

The issue was fixed by Magento team. The fix was delivered into magento/magento2:2.4-develop branch(es).
Related commit(s):

• abdb45844fd3862a8a2f852fb34d35cc0e958829
• 8ed20d151301484271b03755006e203e80ef76eb
• 8211eb79022e2167dad38349c63bb9c36279e34d
• 6d6af36f4fb31dfe7f585061d34332ed0819fe1a
• 45b9e193ddd8a413cb041976de6f1d9da5f53d5f

The fix will be available with the upcoming 2.4.0 release.

@sjb9774 We are getting the same 500 error while placing an order with the payflow pro credit card payment method. will the patch which you mentioned help solve our issue?

We are using Magento 2.3.1

It seems that we are getting 500 error in google chrome only. we are able to place the order in firefox successfully without any issues.

• https://github.com/magento/magento2/commit/abdb45844fd3862a8a2f852fb34d35cc0e958829
• https://github.com/magento/magento2/commit/8ed20d151301484271b03755006e203e80ef76eb
• https://github.com/magento/magento2/commit/8211eb79022e2167dad38349c63bb9c36279e34d
• https://github.com/magento/magento2/commit/6d6af36f4fb31dfe7f585061d34332ed0819fe1a
• https://github.com/magento/magento2/commit/45b9e193ddd8a413cb041976de6f1d9da5f53d5f

@magento-engcom-team which of the above commits is an exact patch for the issue? I have checked all commits but I got confused.

I think this is the correct patch: https://github.com/magento/magento2/commit/abdb45844fd3862a8a2f852fb34d35cc0e958829 which is referring to this: https://gist.github.com/sjb9774/971a28d309dee2f24b853c84e0295693

Is this patch compatible with Magento 2.3.1?

@Ckaneriya, in theory you would need all commits. But you can also use this merge commit: https://github.com/magento/magento2/commit/b6b38d54a58dbabc562bd66c14167d44f7778fd7, which is a combination of those 5 commits.

@magento-engcom-team would better post merge commits instead of individual commits, it's easier to create patches from like that 😉

@hostep Thaks for the reply.

Is this patch compatible with Magento v2.3.1?

@Ckaneriya: I have no idea, you should try it 🙂, we don't use the paypal module of Magento ...

If the patch doesn't apply cleanly on 2.3.1, I recommend to clone the Magento 2 repo, checkout the 2.3.1 tag, and cherry pick the 5 commits mentioned above and resolve merge conflicts (should they occur), after that, you should be able to create a patch from the diff between 2.3.1 and your current git repo state. But make sure you test it very well!

Documenting the patch provided for this issue by Magento support here:

https://gist.github.com/sjb9774/971a28d309dee2f24b853c84e0295693
edit: linking to gist as patch is somewhat large

Will it work for 2.3.3?

@farrukhk this patch is not working for me on 2.3.4

@farrukhk this patch is not working for me on 2.3.4

Patch is working for me on 2.3.4. Make sure to setup:di:compile after applying the patch.

@farrukhk here is the output of my applying the https://gist.github.com/sjb9774/971a28d309dee2f24b853c84e0295693 patch:

$ bin/composer install -v
Gathering patches for root package.
Removing package magento/module-paypal so that it can be re-installed and re-patched.
  - Removing magento/module-paypal (100.3.4)
Loading composer repositories with package information
Installing dependencies (including require-dev) from lock file
Warning: The lock file is not up to date with the latest changes in composer.json. You may be getting outdated dependencies. Run update to update them.
Dependency resolution completed in 0.020 seconds
Analyzed 1114 packages to resolve dependencies
Analyzed 8469 rules to resolve dependencies
Package operations: 1 install, 0 updates, 0 removals
Installs: magento/module-paypal:100.3.4
Gathering patches for root package.
Gathering patches for dependencies. This might take a minute.
Found 1 patches for magento/module-ui.
Found 1 patches for magento/module-versions-cms.
Found 1 patches for dotmailer/dotmailer-magento2-extension.
Found 1 patches for magento/module-sales-rule.
Found 1 patches for magento/module-paypal.
  - Installing magento/module-paypal (100.3.4): Loading from cache
 Extracting archive  - Applying patches for magento/module-paypal
    patches/composer/MDVA-25602_EE_2.3.4_v1.composer.patch (PayflowPro Checkout Broken with SameSite Cookie Changes from Chrome)
patch '-p1' --no-backup-if-mismatch -d '/var/www/html/vendor/magento/module-paypal' < '/var/www/html/patches/composer/MDVA-25602_EE_2.3.4_v1.composer.patch'
patching file vendor/magento/module-payment/Block/Transparent/Redirect.php

patching file vendor/magento/module-payment/view/adminhtml/templates/transparent/redirect.phtml

patching file vendor/magento/module-payment/view/frontend/templates/transparent/redirect.phtml

patching file vendor/magento/module-paypal/Controller/Adminhtml/Transparent/Redirect.php

patching file vendor/magento/module-paypal/Controller/Transparent/Redirect.php

can't find file to patch at input line 248
Perhaps you used the wrong -p or --strip option?
The text leading up to this was:
--------------------------
|diff --git a/vendor/magento/module-paypal/Model/Payflow/Service/Request/SecureToken.php b/vendor/magento/module-paypal/Model/Payflow/Service/Request/SecureToken.php
|index 2a4ec764c41..6e9990f65c4 100644
|--- a/vendor/magento/module-paypal/Model/Payflow/Service/Request/SecureToken.php
|+++ b/vendor/magento/module-paypal/Model/Payflow/Service/Request/SecureToken.php
--------------------------
File to patch: 
Skip this patch? [y] 
Skipping patch.

1 out of 1 hunk ignored
can't find file to patch at input line 265
Perhaps you used the wrong -p or --strip option?
The text leading up to this was:
--------------------------

|diff --git a/vendor/magento/module-paypal/Model/Payflow/Service/Response/Transaction.php b/vendor/magento/module-paypal/Model/Payflow/Service/Response/Transaction.php
|index 5db78e6fac5..1e97ac8b8c7 100644
|--- a/vendor/magento/module-paypal/Model/Payflow/Service/Response/Transaction.php
|+++ b/vendor/magento/module-paypal/Model/Payflow/Service/Response/Transaction.php
--------------------------
File to patch: 
Skip this patch? [y] 
Skipping patch.

2 out of 2 hunks ignored

patching file vendor/magento/module-paypal/Plugin/TransparentSessionChecker.php

can't find file to patch at input line 344
Perhaps you used the wrong -p or --strip option?
The text leading up to this was:
--------------------------
|diff --git a/vendor/magento/module-paypal/etc/di.xml b/vendor/magento/module-paypal/etc/di.xml
|index c0141bbb321..973ed0f9192 100644
|--- a/vendor/magento/module-paypal/etc/di.xml
|+++ b/vendor/magento/module-paypal/etc/di.xml
--------------------------
File to patch: 
Skip this patch? [y] 
Skipping patch.

1 out of 1 hunk ignored
can't find file to patch at input line 356
Perhaps you used the wrong -p or --strip option?
The text leading up to this was:
--------------------------
|diff --git a/vendor/magento/module-paypal/etc/frontend/page_types.xml b/vendor/magento/module-paypal/etc/frontend/page_types.xml
|index 133ab1ca761..1da5d54fb38 100644
|--- a/vendor/magento/module-paypal/etc/frontend/page_types.xml
|+++ b/vendor/magento/module-paypal/etc/frontend/page_types.xml
--------------------------
File to patch: 
Skip this patch? [y] 
Skipping patch.

1 out of 1 hunk ignored

patching file vendor/magento/module-paypal/view/adminhtml/layout/transparent_payment_redirect.xml

patching file vendor/magento/module-paypal/view/frontend/layout/transparent_payment_redirect.xml

can't find file to patch at input line 412
Perhaps you used the wrong -p or --strip option?
The text leading up to this was:
--------------------------
|diff --git a/vendor/magento/module-website-restriction/etc/webrestrictions.xml b/vendor/magento/module-website-restriction/etc/webrestrictions.xml
|index 025df9529b1..86389f5e427 100644
|--- a/vendor/magento/module-website-restriction/etc/webrestrictions.xml
|+++ b/vendor/magento/module-website-restriction/etc/webrestrictions.xml
--------------------------
File to patch: 
Skip this patch? [y] 
Skipping patch.

1 out of 1 hunk ignored

patch '-p0' --no-backup-if-mismatch -d '/var/www/html/vendor/magento/module-paypal' < '/var/www/html/patches/composer/MDVA-25602_EE_2.3.4_v1.composer.patch'
patching file b/vendor/magento/module-payment/Block/Transparent/Redirect.php

patching file b/vendor/magento/module-payment/view/adminhtml/templates/transparent/redirect.phtml

patching file b/vendor/magento/module-payment/view/frontend/templates/transparent/redirect.phtml

patching file b/vendor/magento/module-paypal/Controller/Adminhtml/Transparent/Redirect.php

patching file b/vendor/magento/module-paypal/Controller/Transparent/Redirect.php

can't find file to patch at input line 248
Perhaps you used the wrong -p or --strip option?
The text leading up to this was:
--------------------------
|diff --git a/vendor/magento/module-paypal/Model/Payflow/Service/Request/SecureToken.php b/vendor/magento/module-paypal/Model/Payflow/Service/Request/SecureToken.php
|index 2a4ec764c41..6e9990f65c4 100644
|--- a/vendor/magento/module-paypal/Model/Payflow/Service/Request/SecureToken.php
|+++ b/vendor/magento/module-paypal/Model/Payflow/Service/Request/SecureToken.php
--------------------------
File to patch: 
Skip this patch? [y] 
Skipping patch.

1 out of 1 hunk ignored

can't find file to patch at input line 265
Perhaps you used the wrong -p or --strip option?
The text leading up to this was:
--------------------------
|diff --git a/vendor/magento/module-paypal/Model/Payflow/Service/Response/Transaction.php b/vendor/magento/module-paypal/Model/Payflow/Service/Response/Transaction.php
|index 5db78e6fac5..1e97ac8b8c7 100644
|--- a/vendor/magento/module-paypal/Model/Payflow/Service/Response/Transaction.php
|+++ b/vendor/magento/module-paypal/Model/Payflow/Service/Response/Transaction.php
--------------------------
File to patch: 
Skip this patch? [y] 
Skipping patch.

2 out of 2 hunks ignored

patching file b/vendor/magento/module-paypal/Plugin/TransparentSessionChecker.php

can't find file to patch at input line 344

Perhaps you used the wrong -p or --strip option?
The text leading up to this was:
--------------------------
|diff --git a/vendor/magento/module-paypal/etc/di.xml b/vendor/magento/module-paypal/etc/di.xml
|index c0141bbb321..973ed0f9192 100644
|--- a/vendor/magento/module-paypal/etc/di.xml
|+++ b/vendor/magento/module-paypal/etc/di.xml
--------------------------
File to patch: 
Skip this patch? [y] 
Skipping patch.

1 out of 1 hunk ignored


can't find file to patch at input line 356
Perhaps you used the wrong -p or --strip option?
The text leading up to this was:
--------------------------
|diff --git a/vendor/magento/module-paypal/etc/frontend/page_types.xml b/vendor/magento/module-paypal/etc/frontend/page_types.xml
|index 133ab1ca761..1da5d54fb38 100644
|--- a/vendor/magento/module-paypal/etc/frontend/page_types.xml
|+++ b/vendor/magento/module-paypal/etc/frontend/page_types.xml
--------------------------
File to patch: 
Skip this patch? [y] 
Skipping patch.

1 out of 1 hunk ignored

patching file b/vendor/magento/module-paypal/view/adminhtml/layout/transparent_payment_redirect.xml

patching file b/vendor/magento/module-paypal/view/frontend/layout/transparent_payment_redirect.xml

can't find file to patch at input line 412
Perhaps you used the wrong -p or --strip option?
The text leading up to this was:
--------------------------
|diff --git a/vendor/magento/module-website-restriction/etc/webrestrictions.xml b/vendor/magento/module-website-restriction/etc/webrestrictions.xml
|index 025df9529b1..86389f5e427 100644
|--- a/vendor/magento/module-website-restriction/etc/webrestrictions.xml
|+++ b/vendor/magento/module-website-restriction/etc/webrestrictions.xml
--------------------------
File to patch: 
Skip this patch? [y] 
Skipping patch.

1 out of 1 hunk ignored

patch '-p2' --no-backup-if-mismatch -d '/var/www/html/vendor/magento/module-paypal' < '/var/www/html/patches/composer/MDVA-25602_EE_2.3.4_v1.composer.patch'
patching file magento/module-payment/Block/Transparent/Redirect.php

patching file magento/module-payment/view/adminhtml/templates/transparent/redirect.phtml

patching file magento/module-payment/view/frontend/templates/transparent/redirect.phtml

patching file magento/module-paypal/Controller/Adminhtml/Transparent/Redirect.php

patching file magento/module-paypal/Controller/Transparent/Redirect.php

can't find file to patch at input line 248
Perhaps you used the wrong -p or --strip option?
The text leading up to this was:
--------------------------

|diff --git a/vendor/magento/module-paypal/Model/Payflow/Service/Request/SecureToken.php b/vendor/magento/module-paypal/Model/Payflow/Service/Request/SecureToken.php
|index 2a4ec764c41..6e9990f65c4 100644
|--- a/vendor/magento/module-paypal/Model/Payflow/Service/Request/SecureToken.php
|+++ b/vendor/magento/module-paypal/Model/Payflow/Service/Request/SecureToken.php
--------------------------
File to patch: 
Skip this patch? [y] 
Skipping patch.

1 out of 1 hunk ignored
can't find file to patch at input line 265
Perhaps you used the wrong -p or --strip option?
The text leading up to this was:
--------------------------

|diff --git a/vendor/magento/module-paypal/Model/Payflow/Service/Response/Transaction.php b/vendor/magento/module-paypal/Model/Payflow/Service/Response/Transaction.php
|index 5db78e6fac5..1e97ac8b8c7 100644
|--- a/vendor/magento/module-paypal/Model/Payflow/Service/Response/Transaction.php
|+++ b/vendor/magento/module-paypal/Model/Payflow/Service/Response/Transaction.php
--------------------------
File to patch: 
Skip this patch? [y] 
Skipping patch.

2 out of 2 hunks ignored

patching file magento/module-paypal/Plugin/TransparentSessionChecker.php

can't find file to patch at input line 344
Perhaps you used the wrong -p or --strip option?
The text leading up to this was:
--------------------------
|diff --git a/vendor/magento/module-paypal/etc/di.xml b/vendor/magento/module-paypal/etc/di.xml
|index c0141bbb321..973ed0f9192 100644
|--- a/vendor/magento/module-paypal/etc/di.xml
|+++ b/vendor/magento/module-paypal/etc/di.xml
--------------------------
File to patch: 
Skip this patch? [y] 
Skipping patch.

1 out of 1 hunk ignored
can't find file to patch at input line 356
Perhaps you used the wrong -p or --strip option?
The text leading up to this was:
--------------------------

|diff --git a/vendor/magento/module-paypal/etc/frontend/page_types.xml b/vendor/magento/module-paypal/etc/frontend/page_types.xml
|index 133ab1ca761..1da5d54fb38 100644
|--- a/vendor/magento/module-paypal/etc/frontend/page_types.xml
|+++ b/vendor/magento/module-paypal/etc/frontend/page_types.xml
--------------------------
File to patch: 
Skip this patch? [y] 
Skipping patch.

1 out of 1 hunk ignored

patching file magento/module-paypal/view/adminhtml/layout/transparent_payment_redirect.xml

patching file magento/module-paypal/view/frontend/layout/transparent_payment_redirect.xml

can't find file to patch at input line 412
Perhaps you used the wrong -p or --strip option?
The text leading up to this was:
--------------------------

|diff --git a/vendor/magento/module-website-restriction/etc/webrestrictions.xml b/vendor/magento/module-website-restriction/etc/webrestrictions.xml
|index 025df9529b1..86389f5e427 100644
|--- a/vendor/magento/module-website-restriction/etc/webrestrictions.xml
|+++ b/vendor/magento/module-website-restriction/etc/webrestrictions.xml
--------------------------
File to patch: 
Skip this patch? [y] 
Skipping patch.

1 out of 1 hunk ignored

patch '-p4' --no-backup-if-mismatch -d '/var/www/html/vendor/magento/module-paypal' < '/var/www/html/patches/composer/MDVA-25602_EE_2.3.4_v1.composer.patch'
patching file Block/Transparent/Redirect.php

patching file view/adminhtml/templates/transparent/redirect.phtml

patching file view/frontend/templates/transparent/redirect.phtml

patching file Controller/Adminhtml/Transparent/Redirect.php

patching file Controller/Transparent/Redirect.php

patching file Model/Payflow/Service/Request/SecureToken.php

patching file Model/Payflow/Service/Response/Transaction.php

patching file Plugin/TransparentSessionChecker.php

patching file etc/di.xml

patching file etc/frontend/page_types.xml

patching file view/adminhtml/layout/transparent_payment_redirect.xml

patching file view/frontend/layout/transparent_payment_redirect.xml

can't find file to patch at input line 412

Perhaps you used the wrong -p or --strip option?
The text leading up to this was:
--------------------------

|diff --git a/vendor/magento/module-website-restriction/etc/webrestrictions.xml b/vendor/magento/module-website-restriction/etc/webrestrictions.xml
|index 025df9529b1..86389f5e427 100644
|--- a/vendor/magento/module-website-restriction/etc/webrestrictions.xml
|+++ b/vendor/magento/module-website-restriction/etc/webrestrictions.xml
--------------------------
File to patch: 
Skip this patch? [y] 
Skipping patch.

1 out of 1 hunk ignored


   Could not apply patch! Skipping. The error was: Cannot apply patch patches/composer/MDVA-25602_EE_2.3.4_v1.composer.patch

Package classyllama/module-avatax is abandoned, you should avoid using it. Use avalara/avatax-magento instead.
Package container-interop/container-interop is abandoned, you should avoid using it. Use psr/container instead.
Package guzzlehttp/ringphp is abandoned, you should avoid using it. No replacement was suggested.
Package guzzlehttp/streams is abandoned, you should avoid using it. No replacement was suggested.
Package zendframework/zend-barcode is abandoned, you should avoid using it. Use laminas/laminas-barcode instead.
Package zendframework/zend-captcha is abandoned, you should avoid using it. Use laminas/laminas-captcha instead.
Package zendframework/zend-code is abandoned, you should avoid using it. Use laminas/laminas-code instead.
Package zendframework/zend-config is abandoned, you should avoid using it. Use laminas/laminas-config instead.
Package zendframework/zend-console is abandoned, you should avoid using it. Use laminas/laminas-console instead.
Package zendframework/zend-crypt is abandoned, you should avoid using it. Use laminas/laminas-crypt instead.
Package zendframework/zend-db is abandoned, you should avoid using it. Use laminas/laminas-db instead.
Package zendframework/zend-di is abandoned, you should avoid using it. Use laminas/laminas-di instead.
Package zendframework/zend-diactoros is abandoned, you should avoid using it. Use laminas/laminas-diactoros instead.
Package zendframework/zend-escaper is abandoned, you should avoid using it. Use laminas/laminas-escaper instead.
Package zendframework/zend-eventmanager is abandoned, you should avoid using it. Use laminas/laminas-eventmanager instead.
Package zendframework/zend-feed is abandoned, you should avoid using it. Use laminas/laminas-feed instead.
Package zendframework/zend-filter is abandoned, you should avoid using it. Use laminas/laminas-filter instead.
Package zendframework/zend-form is abandoned, you should avoid using it. Use laminas/laminas-form instead.
Package zendframework/zend-http is abandoned, you should avoid using it. Use laminas/laminas-http instead.
Package zendframework/zend-hydrator is abandoned, you should avoid using it. Use laminas/laminas-hydrator instead.
Package zendframework/zend-i18n is abandoned, you should avoid using it. Use laminas/laminas-i18n instead.
Package zendframework/zend-inputfilter is abandoned, you should avoid using it. Use laminas/laminas-inputfilter instead.
Package zendframework/zend-json is abandoned, you should avoid using it. Use laminas/laminas-json instead.
Package zendframework/zend-loader is abandoned, you should avoid using it. Use laminas/laminas-loader instead.
Package zendframework/zend-log is abandoned, you should avoid using it. Use laminas/laminas-log instead.
Package zendframework/zend-mail is abandoned, you should avoid using it. Use laminas/laminas-mail instead.
Package zendframework/zend-math is abandoned, you should avoid using it. Use laminas/laminas-math instead.
Package zendframework/zend-mime is abandoned, you should avoid using it. Use laminas/laminas-mime instead.
Package zendframework/zend-modulemanager is abandoned, you should avoid using it. Use laminas/laminas-modulemanager instead.
Package zendframework/zend-mvc is abandoned, you should avoid using it. Use laminas/laminas-mvc instead.
Package zendframework/zend-psr7bridge is abandoned, you should avoid using it. Use laminas/laminas-psr7bridge instead.
Package zendframework/zend-serializer is abandoned, you should avoid using it. Use laminas/laminas-serializer instead.
Package zendframework/zend-server is abandoned, you should avoid using it. Use laminas/laminas-server instead.
Package zendframework/zend-servicemanager is abandoned, you should avoid using it. Use laminas/laminas-servicemanager instead.
Package zendframework/zend-session is abandoned, you should avoid using it. Use laminas/laminas-session instead.
Package zendframework/zend-soap is abandoned, you should avoid using it. Use laminas/laminas-soap instead.
Package zendframework/zend-stdlib is abandoned, you should avoid using it. Use laminas/laminas-stdlib instead.
Package zendframework/zend-text is abandoned, you should avoid using it. Use laminas/laminas-text instead.
Package zendframework/zend-uri is abandoned, you should avoid using it. Use laminas/laminas-uri instead.
Package zendframework/zend-validator is abandoned, you should avoid using it. Use laminas/laminas-validator instead.
Package zendframework/zend-view is abandoned, you should avoid using it. Use laminas/laminas-view instead.
Generating autoload files
> post-install-cmd: [ $COMPOSER_DEV_MODE -eq 1 ] && vendor/bin/phpcs --config-set installed_paths ../../magento/magento-coding-standard/
Using config file: /var/www/html/vendor/squizlabs/php_codesniffer/CodeSniffer.conf

Config value "installed_paths" updated successfully; old value was "../../magento/magento-coding-standard/"

Using cweagans/composer-patches module with the following patch line added to composer.json:

            "magento/module-paypal": {
                "PayflowPro Checkout Broken with SameSite Cookie Changes from Chrome": "patches/composer/MDVA-25602_EE_2.3.4_v1.composer.patch"
            }

FYI the above may be related to how cweagans/composer-patches applies patches. It would be nice to apply patches this way, if that is all possible? In the interim I added the patch to m2-hotfixes since this is a cloud project, and the patch applied successfully.

@magento-engcom-team Will a patch for 2.3.3 be coming?

@markshust: cweagans/composer-patches applies patches to modules in vendor, so all file references in the patch file should be relative towards the module. So for example, one of the paths in the patch is vendor/magento/module-payment/Block/Transparent/Redirect.php, that one needs to be changed to Block/Transparent/Redirect.php

I'm also noticing that that this one patch is targetting 3 different modules, so that patch should get splitted in 3 different patch files before cweagans/composer-patches can apply it:

• vendor/magento/module-payment
• vendor/magento/module-paypal
• vendor/magento/module-website-restriction (this module is not part of Magento Open Source btw, so it can't be applied to Magento Open Source without removing this part of the patch)

There might be some more interesting information in the Magento devdocs section btw (step nr 5 is applicable here). It doesn't talk about splitting a patch over multiple files to be applied to multiple modules unfortunately.

@magento-engcom-team Could you please release a version for Open Source 2.3.4 that has the patches correctly separated and ready to install?

Hi,
Since there isn’t an Open Source version, I attempted to separate the patches and remove the extraneous section. Thanks to @hostep for the suggestion.

So here are the two patch files that I separated:

The payment module patch:

diff --git Block/Transparent/Redirect.php Block/Transparent/Redirect.php
new file mode 100644
index 00000000000..aeaeee7e4d2
--- dev/null
+++ Block/Transparent/Redirect.php
@@ -0,0 +1,60 @@
+<?php
+/**
+ * Copyright © Magento, Inc. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+namespace Magento\Payment\Block\Transparent;
+
+use Magento\Framework\UrlInterface;
+use Magento\Framework\View\Element\Template;
+use Magento\Framework\View\Element\Template\Context;
+
+/**
+ * Redirect block for register specific params in layout
+ */
+class Redirect extends Template
+{
+    /**
+     * Route path key to make redirect url.
+     */
+    private const ROUTE_PATH = 'route_path';
+
+    /**
+     * @var UrlInterface
+     */
+    private $url;
+
+    /**
+     * @param Context $context
+     * @param UrlInterface $url
+     * @param array $data
+     */
+    public function __construct(
+        Context $context,
+        UrlInterface $url,
+        array $data = []
+    ) {
+        $this->url = $url;
+        parent::__construct($context, $data);
+    }
+
+    /**
+     * Returns url for redirect.
+     *
+     * @return string
+     */
+    public function getRedirectUrl(): string
+    {
+        return $this->url->getUrl($this->getData(self::ROUTE_PATH));
+    }
+
+    /**
+     * Returns params to be redirected.
+     *
+     * @return array
+     */
+    public function getPostParams(): array
+    {
+        return (array)$this->_request->getPostValue();
+    }
+}
diff --git adminhtml/templates/transparent/redirect.phtml adminhtml/templates/transparent/redirect.phtml
new file mode 100644
index 00000000000..17fbdf780a4
--- dev/null
+++ adminhtml/templates/transparent/redirect.phtml
@@ -0,0 +1,21 @@
+<?php
+/**
+ * Copyright © Magento, Inc. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+
+/** @var \Magento\Payment\Block\Transparent\Redirect $block */
+$params = $block->getPostParams();
+$redirectUrl = $block->getRedirectUrl();
+?>
+<html>
+<head></head>
+<body onload="document.forms['proxy_form'].submit()">
+<form id="proxy_form" action="<?= $block->escapeUrl($redirectUrl) ?>"
+      method="POST" hidden enctype="application/x-www-form-urlencoded" class="no-display">
+    <?php foreach ($params as $name => $value):?>
+        <input value="<?= $block->escapeHtmlAttr($value) ?>" name="<?= $block->escapeHtmlAttr($name) ?>" type="hidden"/>
+    <?php endforeach?>
+</form>
+</body>
+</html>
diff --git frontend/templates/transparent/redirect.phtml frontend/templates/transparent/redirect.phtml
new file mode 100644
index 00000000000..17fbdf780a4
--- dev/null
+++ frontend/templates/transparent/redirect.phtml
@@ -0,0 +1,21 @@
+<?php
+/**
+ * Copyright © Magento, Inc. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+
+/** @var \Magento\Payment\Block\Transparent\Redirect $block */
+$params = $block->getPostParams();
+$redirectUrl = $block->getRedirectUrl();
+?>
+<html>
+<head></head>
+<body onload="document.forms['proxy_form'].submit()">
+<form id="proxy_form" action="<?= $block->escapeUrl($redirectUrl) ?>"
+      method="POST" hidden enctype="application/x-www-form-urlencoded" class="no-display">
+    <?php foreach ($params as $name => $value):?>
+        <input value="<?= $block->escapeHtmlAttr($value) ?>" name="<?= $block->escapeHtmlAttr($name) ?>" type="hidden"/>
+    <?php endforeach?>
+</form>
+</body>
+</html>

The PayPal module patch:

diff --git Controller/Adminhtml/Transparent/Redirect.php Controller/Adminhtml/Transparent/Redirect.php
new file mode 100644
index 00000000000..8201761cc3a
--- dev/null
+++ Controller/Adminhtml/Transparent/Redirect.php
@@ -0,0 +1,13 @@
+<?php
+/**
+ * Copyright © Magento, Inc. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+namespace Magento\Paypal\Controller\Adminhtml\Transparent;
+
+/**
+ * Class for redirecting the Paypal response result to Magento controller.
+ */
+class Redirect extends \Magento\Paypal\Controller\Transparent\Redirect
+{
+}
diff --git Controller/Transparent/Redirect.php Controller/Transparent/Redirect.php
new file mode 100644
index 00000000000..c6cee15d23c
--- dev/null
+++ Controller/Transparent/Redirect.php
@@ -0,0 +1,98 @@
+<?php
+/**
+ * Copyright © Magento, Inc. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+namespace Magento\Paypal\Controller\Transparent;
+
+use Magento\Framework\App\Action\Context;
+use Magento\Framework\App\Action\HttpPostActionInterface;
+use Magento\Framework\App\CsrfAwareActionInterface;
+use Magento\Framework\App\Request\InvalidRequestException;
+use Magento\Framework\App\RequestInterface;
+use Magento\Framework\Controller\ResultInterface;
+use Magento\Framework\Exception\LocalizedException;
+use Magento\Framework\View\Result\LayoutFactory;
+use Magento\Payment\Model\Method\Logger;
+use Magento\Paypal\Model\Payflow\Transparent;
+
+/**
+ * Class for redirecting the Paypal response result to Magento controller.
+ */
+class Redirect extends \Magento\Framework\App\Action\Action implements CsrfAwareActionInterface, HttpPostActionInterface
+{
+    /**
+     * @var LayoutFactory
+     */
+    private $resultLayoutFactory;
+
+    /**
+     * @var Transparent
+     */
+    private $transparent;
+
+    /**
+     * @var Logger
+     */
+    private $logger;
+
+    /**
+     * Constructor
+     *
+     * @param Context $context
+     * @param LayoutFactory $resultLayoutFactory
+     * @param Transparent $transparent
+     * @param Logger $logger
+     */
+    public function __construct(
+        Context $context,
+        LayoutFactory $resultLayoutFactory,
+        Transparent $transparent,
+        Logger $logger
+    ) {
+        $this->resultLayoutFactory = $resultLayoutFactory;
+        $this->transparent = $transparent;
+        $this->logger = $logger;
+
+        parent::__construct($context);
+    }
+
+    /**
+     * @inheritDoc
+     */
+    public function createCsrfValidationException(
+        RequestInterface $request
+    ): ?InvalidRequestException {
+        return null;
+    }
+
+    /**
+     * @inheritDoc
+     */
+    public function validateForCsrf(RequestInterface $request): ?bool
+    {
+        return true;
+    }
+
+    /**
+     * Saves the payment in quote
+     *
+     * @return ResultInterface
+     * @throws LocalizedException
+     */
+    public function execute()
+    {
+        $gatewayResponse = (array)$this->getRequest()->getPostValue();
+        $this->logger->debug(
+            ['PayPal PayflowPro redirect:' => $gatewayResponse],
+            $this->transparent->getDebugReplacePrivateDataKeys(),
+            $this->transparent->getDebugFlag()
+        );
+
+        $resultLayout = $this->resultLayoutFactory->create();
+        $resultLayout->addDefaultHandle();
+        $resultLayout->getLayout()->getUpdate()->load(['transparent_payment_redirect']);
+
+        return $resultLayout;
+    }
+}
diff --git Model/Payflow/Service/Request/SecureToken.php Model/Payflow/Service/Request/SecureToken.php
index 2a4ec764c41..6e9990f65c4 100644
--- Model/Payflow/Service/Request/SecureToken.php
+++ Model/Payflow/Service/Request/SecureToken.php
@@ -70,9 +70,9 @@ class SecureToken
         $request->setCurrency($quote->getBaseCurrencyCode());
         $request->setCreatesecuretoken('Y');
         $request->setSecuretokenid($this->mathRandom->getUniqueHash());
-        $request->setReturnurl($urls['return_url'] ?? $this->url->getUrl('paypal/transparent/response'));
-        $request->setErrorurl($urls['error_url'] ?? $this->url->getUrl('paypal/transparent/response'));
-        $request->setCancelurl($urls['cancel_url'] ?? $this->url->getUrl('paypal/transparent/response'));
+        $request->setReturnurl($urls['return_url'] ?? $this->url->getUrl('paypal/transparent/redirect'));
+        $request->setErrorurl($urls['error_url'] ?? $this->url->getUrl('paypal/transparent/redirect'));
+        $request->setCancelurl($urls['cancel_url'] ?? $this->url->getUrl('paypal/transparent/redirect'));
         $request->setDisablereceipt('TRUE');
         $request->setSilenttran('TRUE');

diff --git Model/Payflow/Service/Response/Transaction.php Model/Payflow/Service/Response/Transaction.php
index 5db78e6fac5..1e97ac8b8c7 100644
--- Model/Payflow/Service/Response/Transaction.php
+++ Model/Payflow/Service/Response/Transaction.php
@@ -19,7 +19,8 @@ use Magento\Quote\Model\Quote\Payment;
 use Magento\Sales\Api\Data\OrderPaymentInterface;

 /**
- * Class Transaction
+ * Process PayPal transaction response.
+ *
  * @SuppressWarnings(PHPMD.CouplingBetweenObjects)
  */
 class Transaction
@@ -90,7 +91,7 @@ class Transaction
         $response = $this->transparent->mapGatewayResponse((array) $gatewayTransactionResponse, $response);

         $this->logger->debug(
-            (array) $gatewayTransactionResponse,
+            ['PayPal PayflowPro response:' => (array)$gatewayTransactionResponse],
             (array) $this->transparent->getDebugReplacePrivateDataKeys(),
             (bool) $this->transparent->getDebugFlag()
         );
diff --git Plugin/TransparentSessionChecker.php Plugin/TransparentSessionChecker.php
new file mode 100644
index 00000000000..5157ba3208f
--- dev/null
+++ Plugin/TransparentSessionChecker.php
@@ -0,0 +1,50 @@
+<?php
+/**
+ * Copyright © Magento, Inc. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+declare(strict_types=1);
+
+namespace Magento\Paypal\Plugin;
+
+use Magento\Framework\App\Request\Http;
+use Magento\Framework\Session\SessionStartChecker;
+
+/**
+ * Intended to preserve session cookie after submitting POST form from PayPal to Magento controller.
+ */
+class TransparentSessionChecker
+{
+    private const TRANSPARENT_REDIRECT_PATH = 'paypal/transparent/redirect';
+
+    /**
+     * @var Http
+     */
+    private $request;
+
+    /**
+     * @param Http $request
+     */
+    public function __construct(
+        Http $request
+    ) {
+        $this->request = $request;
+    }
+
+    /**
+     * Prevents session starting while instantiating PayPal transparent redirect controller.
+     *
+     * @param SessionStartChecker $subject
+     * @param bool $result
+     * @return bool
+     * @SuppressWarnings(PHPMD.UnusedFormalParameter)
+     */
+    public function afterCheck(SessionStartChecker $subject, bool $result): bool
+    {
+        if ($result === false) {
+            return false;
+        }
+
+        return strpos((string)$this->request->getPathInfo(), self::TRANSPARENT_REDIRECT_PATH) === false;
+    }
+}
diff --git etc/di.xml etc/di.xml
index c0141bbb321..973ed0f9192 100644
--- etc/di.xml
+++ etc/di.xml
@@ -252,4 +252,7 @@
             </argument>
         </arguments>
     </type>
+    <type name="Magento\Framework\Session\SessionStartChecker">
+        <plugin name="transparent_session_checker" type="Magento\Paypal\Plugin\TransparentSessionChecker"/>
+    </type>
 </config>
diff --git etc/frontend/page_types.xml etc/frontend/page_types.xml
index 133ab1ca761..1da5d54fb38 100644
--- etc/frontend/page_types.xml
+++ etc/frontend/page_types.xml
@@ -14,6 +14,7 @@
     <type id="paypal_payflow_form" label="Paypal Payflow Form"/>
     <type id="transparent" label="Paypal Payflow TR Form"/>
     <type id="transparent_payment_response" label="Paypal Payflow TR Response"/>
+    <type id="transparent_payment_redirect" label="Paypal Payflow TR Redirect"/>
     <type id="paypal_payflow_returnurl" label="Paypal Payflow Return URL"/>
     <type id="paypal_payflowadvanced_cancelpayment" label="Paypal Payflow Advanced Cancel Payment"/>
     <type id="paypal_payflowadvanced_form" label="Paypal Payflow Advanced Form"/>
diff --git adminhtml/layout/transparent_payment_redirect.xml adminhtml/layout/transparent_payment_redirect.xml
new file mode 100644
index 00000000000..01acf03c0d0
--- dev/null
+++ adminhtml/layout/transparent_payment_redirect.xml
@@ -0,0 +1,16 @@
+<?xml version="1.0"?>
+<!--
+/**
+ * Copyright © Magento, Inc. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+-->
+<layout xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="urn:magento:framework:View/Layout/etc/layout_generic.xsd">
+    <container name="root" label="Root">
+        <block class="Magento\Payment\Block\Transparent\Redirect" name="transparent_redirect" template="Magento_Payment::transparent/redirect.phtml">
+            <arguments>
+                <argument name="route_path" xsi:type="string">paypal/transparent/response</argument>
+            </arguments>
+        </block>
+    </container>
+</layout>
diff --git frontend/layout/transparent_payment_redirect.xml frontend/layout/transparent_payment_redirect.xml
new file mode 100644
index 00000000000..01acf03c0d0
--- dev/null
+++ frontend/layout/transparent_payment_redirect.xml
@@ -0,0 +1,16 @@
+<?xml version="1.0"?>
+<!--
+/**
+ * Copyright © Magento, Inc. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+-->
+<layout xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="urn:magento:framework:View/Layout/etc/layout_generic.xsd">
+    <container name="root" label="Root">
+        <block class="Magento\Payment\Block\Transparent\Redirect" name="transparent_redirect" template="Magento_Payment::transparent/redirect.phtml">
+            <arguments>
+                <argument name="route_path" xsi:type="string">paypal/transparent/response</argument>
+            </arguments>
+        </block>
+    </container>
+</layout>

When I applied the patch I didn’t get any installation errors, but I see that a few files didn't patch in the PayPal module for some reason and were skipped:

$ composer -v install
Gathering patches for root package.
Removing package magento/module-payment so that it can be re-installed and re-patched.
  - Removing magento/module-payment (100.3.4)
Loading composer repositories with package information
Installing dependencies (including require-dev) from lock file
Warning: The lock file is not up to date with the latest changes in composer.json. You may be getting outdated dependencies. Run update to update them.
Dependency resolution completed in 0.013 seconds
Analyzed 932 packages to resolve dependencies
Analyzed 6300 rules to resolve dependencies
Package operations: 1 install, 0 updates, 0 removals
Installs: magento/module-payment:100.3.4
Gathering patches for root package.
Gathering patches for dependencies. This might take a minute.
Found 1 patches for magento/module-payment.
  - Installing magento/module-payment (100.3.4): Downloading (100%)         
 Extracting archive  - Applying patches for magento/module-payment
    patches/composer/MDVA-25602_EE_2.3.4_payment.composer.patch (PayflowPro Checkout Broken with SameSite Cookie Changes from Chrome–Payment Module)
patch '-p1' --no-backup-if-mismatch -d '/srv/<root>/vendor/magento/module-payment' < '/srv/<root>/patches/composer/MDVA-25602_EE_2.3.4_payment.composer.patch'
patching file null

patching file null
patching file null

Gathering patches for root package.
Removing package magento/module-paypal so that it can be re-installed and re-patched.
  - Removing magento/module-paypal (100.3.4)
Loading composer repositories with package information
Installing dependencies (including require-dev) from lock file
Warning: The lock file is not up to date with the latest changes in composer.json. You may be getting outdated dependencies. Run update to update them.
Dependency resolution completed in 0.013 seconds
Analyzed 932 packages to resolve dependencies
Analyzed 6289 rules to resolve dependencies
Package operations: 1 install, 0 updates, 0 removals
Installs: magento/module-paypal:100.3.4
Gathering patches for root package.
Gathering patches for dependencies. This might take a minute.
Found 1 patches for magento/module-payment.
Found 1 patches for magento/module-paypal.
  - Installing magento/module-paypal (100.3.4): Downloading (100%)         
 Extracting archive  - Applying patches for magento/module-paypal
    patches/composer/MDVA-25602_EE_2.3.4_paypal.composer.patch (PayflowPro Checkout Broken with SameSite Cookie Changes from Chrome–PayPal Module)
patch '-p1' --no-backup-if-mismatch -d '/srv/<root>/vendor/magento/module-paypal' < '/srv/<root>/patches/composer/MDVA-25602_EE_2.3.4_paypal.composer.patch'
patching file null

patching file null
can't find file to patch at input line 128
Perhaps you used the wrong -p or --strip option?
The text leading up to this was:
--------------------------
|diff --git Model/Payflow/Service/Request/SecureToken.php Model/Payflow/Service/Request/SecureToken.php
|index 2a4ec764c41..6e9990f65c4 100644
|--- Model/Payflow/Service/Request/SecureToken.php
|+++ Model/Payflow/Service/Request/SecureToken.php
--------------------------
File to patch: 
Skip this patch? [y] 
Skipping patch.

1 out of 1 hunk ignored
can't find file to patch at input line 145
Perhaps you used the wrong -p or --strip option?
The text leading up to this was:
--------------------------
|diff --git Model/Payflow/Service/Response/Transaction.php Model/Payflow/Service/Response/Transaction.php
|index 5db78e6fac5..1e97ac8b8c7 100644
|--- Model/Payflow/Service/Response/Transaction.php
|+++ Model/Payflow/Service/Response/Transaction.php
--------------------------
File to patch: 
Skip this patch? [y] 
Skipping patch.
2 out of 2 hunks ignored
patching file null
can't find file to patch at input line 224
Perhaps you used the wrong -p or --strip option?
The text leading up to this was:
--------------------------
|diff --git etc/di.xml etc/di.xml
|index c0141bbb321..973ed0f9192 100644
|--- etc/di.xml
|+++ etc/di.xml
--------------------------
File to patch: 
Skip this patch? [y] 
Skipping patch.
1 out of 1 hunk ignored
can't find file to patch at input line 236
Perhaps you used the wrong -p or --strip option?
The text leading up to this was:
--------------------------
|diff --git etc/frontend/page_types.xml etc/frontend/page_types.xml
|index 133ab1ca761..1da5d54fb38 100644
|--- etc/frontend/page_types.xml
|+++ etc/frontend/page_types.xml
--------------------------
File to patch: 
Skip this patch? [y] 
Skipping patch.
1 out of 1 hunk ignored

patching file null
patching file null

patch '-p0' --no-backup-if-mismatch -d '/srv/<root>/vendor/magento/module-paypal' < '/srv/<root>/patches/composer/MDVA-25602_EE_2.3.4_paypal.composer.patch'
patching file Controller/Adminhtml/Transparent/Redirect.php

patching file Controller/Transparent/Redirect.php

patching file Model/Payflow/Service/Request/SecureToken.php

patching file Model/Payflow/Service/Response/Transaction.php

patching file Plugin/TransparentSessionChecker.php

patching file etc/di.xml

patching file etc/frontend/page_types.xml

patching file dev/null

patching file dev/null

When I attempt to put through an order I still have the problem with Chrome blocking cookies. Though, the paypal/transparent/response endpoint was no longer being blocked. For some reason the transaction still hangs and won’t post. In console it shows that payflowlink.paypal.com still has a cookie issue.

There seems to be some syntax error or something on the patch file causing it not to finish installation on the PayPal module. If someone could offer some assistance that would be really helpful.

It seems like some people are having troubles with creating patches for this issue, so I've gone ahead and made a patchset based on https://github.com/magento/magento2/commit/b6b38d54a58dbabc562bd66c14167d44f7778fd7 which can be applied cleanly on Magento OS 2.3.4 with cweagans/composer-patches.

Be aware: I only tested if the patch can be applied, I didn't test if the patch actually does fix this issue.

Here are the 3 patches:
MC-31573-patches.zip

And here is the json which references them (it assumes you've put the patches in a directory vendor_patches):

        "magento/module-payment": {
            "MC-31573 - PayflowPro Checkout Broken with SameSite Cookie Changes from Chrome 80": "vendor_patches/MC-31573-Payment.diff"
        },
        "magento/module-paypal": {
            "MC-31573 - PayflowPro Checkout Broken with SameSite Cookie Changes from Chrome 80": "vendor_patches/MC-31573-Paypal.diff"
        },
        "magento/magento2-base": {
            "MC-31573 - PayflowPro Checkout Broken with SameSite Cookie Changes from Chrome 80": "vendor_patches/MC-31573-Base.diff"
        }

I hope this helps 🙂

I am facing the same issue and I am using Mangento OS version 2.2.8. Is there a patch available for the Magento OS 2.2.8 as well?

@hostep the patch worked as expected! Thanks very much for doing that, you're a life saver.

A general question posed to all: Since the patch is installed on 2.3.4 and then 2.3.5 comes out later in April and fixes this very issue, how does one upgrade to 2.3.5 without the patch conflict? Is it just a matter of removing the patch reference from composer and then running composer update?

@pioneerathletics yes, you would remove the patch after/when upgrading to 2.3.5

I was having the same issue, losing session data on our custom payment gateway on Chrome 80.
The patch worked for me. I created a small guide (in Spanish) following some instructions from here. Thanks!

https://medium.com/@gonzunigad/magento-2-3-x-chrome-80-y-problemas-en-el-proceso-pago-7fd2b7ff74f9

Will the patch for 2.3.4 work for 2.3.3? I really would love a patch for 2.3.3 but don't see one out here.

@gonzunigad will your guide work for 2.3.3?

Hi,
I've applied code from @hostep patchset on 2.3.3 and got the issue resolved!
Currently with that fixes I'm able to create orders in admin and on frontend checkout using Payflow and skipping the error 'No such entity with cartId = 0' in logs that throws by \Magento\Paypal\Controller\Transparent\Response
via $this->transaction->savePaymentInQuote($response, (int)$this->sessionTransparent->getQuoteId()); where $this->sessionTransparent->getQuoteId() was previously NULL.

Here is the same patches that can be applied on 2.3.3 by running git apply command.
MC-31573.tar.gz

Hi,
I've applied code from @hostep patchset on 2.3.3 and got the issue resolved!
Currently with that fixes I'm able to create orders in admin and on frontend checkout using Payflow and skipping the error 'No such entity with cartId = 0' in logs that throws by \Magento\Paypal\Controller\Transparent\Response
via $this->transaction->savePaymentInQuote($response, (int)$this->sessionTransparent->getQuoteId()); where $this->sessionTransparent->getQuoteId() was previously NULL.

Here is the same patches that can be applied on 2.3.3 by running git apply command.
MC-31573.tar.gz

Thank you for sharing. I will try this.

I know this is not a solution but this will reduce the occurrence....you can add below lines of code in your footer area of Magento.

/* as 120000 milliseconds = 60 seconds = 1 minute. */

Hi,
I've applied code from @hostep patchset on 2.3.3 and got the issue resolved!
Currently with that fixes I'm able to create orders in admin and on frontend checkout using Payflow and skipping the error 'No such entity with cartId = 0' in logs that throws by \Magento\Paypal\Controller\Transparent\Response
via $this->transaction->savePaymentInQuote($response, (int)$this->sessionTransparent->getQuoteId()); where $this->sessionTransparent->getQuoteId() was previously NULL.
Here is the same patches that can be applied on 2.3.3 by running git apply command.
MC-31573.tar.gz

Thank you for sharing. I will try this.

@lbrown-magento does this patch will also work with Magento community ver. 2.3.0 ?

For all the people requesting if the patch works on older versions of Magento: best way to figure that out is to actually test it 😉
And when you tested it, then give some feedback here to help the other people out 🙂

For all the people requesting if the patch works on older versions of Magento: best way to figure that out is to actually test it wink
And when you tested it, then give some feedback here to help the other people out slightly_smiling_face

Hi Hostep
Can we use this patch without using composer.. can we directly use via terminal ? like normal .patch file ?

@imebrijesh: possibly, you can try it, but you'll need to apply them to the different modules.

You can also try https://github.com/magento/magento2/commit/b6b38d54a58dbabc562bd66c14167d44f7778fd7.diff (but be sure to update the paths from app/code/Magento/... to vendor/magento/... if you use composer)

@imebrijesh: possibly, you can try it, but you'll need to apply them to the different modules.

You can also try https://github.com/magento/magento2/commit/b6b38d54a58dbabc562bd66c14167d44f7778fd7.diff (but be sure to update the paths from app/code/Magento/... to vendor/magento/... if you use composer)

Thanks for your reply.. but can you please guide me how to run this ".diff" file using terminal(putty)? I am using community version 2.3.0

I know this is not a solution but this will reduce the occurrence....you can add below lines of code in your footer area of Magento.

/* as 120000 milliseconds = 60 seconds = 1 minute. */

@imebrijesh what is the exact purpose of this code? what will it do?

Basically... this code will not allow to reset quote object of Magento (Due
to this the error is occurring) as it will reload the payment step again
during checkout after 2 minutes of Page load.

-Brijesh

On Tue, 5 May, 2020, 10:32 am Ckaneriya, notifications@github.com wrote:

I know this is not a solution but this will reduce the occurrence....you
can add below lines of code in your footer area of Magento.

/* as 120000 milliseconds = 60 seconds = 1 minute. */

@imebrijesh https://github.com/imebrijesh what is the exact purpose of
this code? what will it do?

—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
https://github.com/magento/magento2/issues/26840#issuecomment-623857440,
or unsubscribe
https://github.com/notifications/unsubscribe-auth/APDZXI7VWIAAMHE7RWVWR5TRP6MVBANCNFSM4KTZUN4A
.

Patch was working for 2.3.4, after updating to 2.3.5 it is no longer working, it tells me that it could not apply the patch and errors. Is it needed in 2.3.5 release? if so, is there a new release version of this patch? I could not find it

For the people confused about the same thing as @gxrobb (we've already discussed it in Slack), but the patch is part of the 2.3.5 release, so it's no longer needed to apply the patch on Magento 2.3.5 🙂

Hi,
I've applied code from @hostep patchset on 2.3.3 and got the issue resolved!
Currently with that fixes I'm able to create orders in admin and on frontend checkout using Payflow and skipping the error 'No such entity with cartId = 0' in logs that throws by \Magento\Paypal\Controller\Transparent\Response
via $this->transaction->savePaymentInQuote($response, (int)$this->sessionTransparent->getQuoteId()); where $this->sessionTransparent->getQuoteId() was previously NULL.

Here is the same patches that can be applied on 2.3.3 by running git apply command.
MC-31573.tar.gz

hostep's attachment of patches had a file called MC-31573-Base.diff but yours did not... Did you not apply that patch for your 2.3.3 installation?

Hi @AndyJAllen, I have not applied MC-31573-Base.diff due to it contains dev/tests code only but if You perform code-testing using Magento apparently that patch should be applied also.

Hello All, we are using Magento 2.3.5-p1 and PayPal Pro is not working. The loader keep loading when trying to generate the order from the checkout page. I checked and found that the URL https://www.xyz.com/paypal/transparent/redirect/ is 404!!!! I checked and found that this controller and all the patch files are there but then also getting 404 in "Network" tab in the browser and PayPal pro is not working for our website. Can anyone help us to solve this?

Hi All,
I have upgraded my Magento version from 2.2.8 to 2.3.4 and applied the patch successfully. But the PayFlow too almost 23 seconds from Place Order to the Confirmation page. Anyone have an idea about that or it works in this way?

Hi,
I've applied code from @hostep patchset on 2.3.3 and got the issue resolved!
Currently with that fixes I'm able to create orders in admin and on frontend checkout using Payflow and skipping the error 'No such entity with cartId = 0' in logs that throws by \Magento\Paypal\Controller\Transparent\Response
via $this->transaction->savePaymentInQuote($response, (int)$this->sessionTransparent->getQuoteId()); where $this->sessionTransparent->getQuoteId() was previously NULL.

Here is the same patches that can be applied on 2.3.3 by running git apply command.
MC-31573.tar.gz

how do you fix/

@pilardo: it means the patch was already applied and shouldn't be applied any longer. Or, if you are already on Magento 2.3.5, you no longer need this patch.

If you want to automate things, I suggest you take a look at one of these composer modules which can automate the patching process when you run composer install: https://github.com/cweagans/composer-patches/ or https://github.com/vaimo/composer-patches (for the last module, if you use patches generated by git, which seems to be the case here, you'd best use "patcher": { "levels": [1] } in the configuration)

@pilardo: it means the patch was already applied and shouldn't be applied any longer. Or, if you are already on Magento 2.3.5, you no longer need this patch.

If you want to automate things, I suggest you take a look at one of these composer modules which can automate the patching process when you run composer install: https://github.com/cweagans/composer-patches/ or https://github.com/vaimo/composer-patches (for the last module, if you use patches generated by git, which seems to be the case here, you'd best use "patcher": { "levels": [1] } in the configuration)

@hostep Thanks for the info.

It is not working on magento 2.3.5.

here's a response from the console: {"payflowpro":{"fields":{"result":"0","securetoken":"8A6RZj1l0QkePrcnTzEJZ7gFW","securetokenid":"nW5gMJbAoTizGHb1t3CGYSreBYijQ0fp","respmsg":"Approved","result_code":"0"}},"success":true,"error":false}

Hello @pilardo - can you please set the domain name under cookie from magento backend and check it.
Like : https://prnt.sc/txy7n6
Than check it in private window.

Not working for magento 2.3.0, any suggestions?

Hi all.
I've tried to rework patch https://github.com/magento/magento2/commit/231ba74c725a4e7d4171b2735f7eb2808a5f4c98 for M2.2.1. And all is working, except for fixing error (

Try to pay with Payflow Pro In Admin.
Admin Session breaks before new Redirect Controller is executed.

• paypal/transparent/requestSecureToken - executes Ok.
  admin cookie is 88c7689aab298e51feb0cadd9c6cffd0
• next request goes to pyflow https://payflowlink.paypal.com/ and has error with SameSite cookie
  
• after this new Redirect Controller from patch is called
  and admin cookie now 2fcb4d7364dc427ba2b417a4336b369c.
  Session not exist, quote not exists. Got error 'No such entity with cartId = ' and redirect to admin login page.

Do not know where should I check/debug/do next to fix this issue.

@mozok, M2.2.1? You seriously? It makes sense perform upgrade first to get 'No such entity' bug resolved.

@aholovan Yeah, agree. This was the first, what we said to the client. But unfortunately, client do not want to upgrade.

Long story short, I've managed to resolve this issue for M2.2.1. Combining this two commits https://github.com/magento/magento2/commit/231ba74c725a4e7d4171b2735f7eb2808a5f4c98 and https://github.com/magento/magento2/commit/b40ca8a8

The patch solving a similar issue is available in Magento Quality Patches package (MQP)

Patch
MDVA-25602: Fixes issue with PayPal Payflow Pro payment method and treating cookies as SameSite=Lax by default in the Chrome 80 browser and API response redirect to customer login page.

Compatible versions
Magento OpenSource/Commerce/Commerce Cloud 2.3.0 - 2.3.5

:warning: We strongly recommend testing all patches in a staging or development environment before deploying to production.

Applying a patch - Magento OpenSource/Commerce

1. $ composer require magento/quality-patches
2. $ ./vendor/bin/magento-patches apply MDVA-25602

See MQP Magento Commerce documentation

Applying a patch - Magento Commerce Cloud
See MQP Magento Commerce Cloud documentation

@iamvishalrathod patch MDVA-25602 was updated to be compatible with Magento 2.3.0