dwindown/WooNooW
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: critical - add shipping_cost/title to sanitize_payload whitelist

Browse Source 
ROOT CAUSE: The sanitize_payload() method was returning a whitelist of
allowed fields, but shipping_cost, shipping_title, custom_fields, and
customer_note were NOT included. This caused these values to be null
even though the frontend was sending them correctly.

Added:
- shipping_cost (float)
- shipping_title (sanitized text)
- custom_fields (array)
- customer_note (sanitized textarea)

This should fix shipping not being applied to order totals.
This commit is contained in:
Dwindi Ramadhana
2026-01-09 09:45:46 +07:00
parent e04f1fd93f
commit 942fb48a0b
2 changed files with 16 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
customer-spa/src/pages/Checkout/index.tsx
View File

@@ -569,6 +569,16 @@ export default function Checkout() {
custom_fields: customFieldData,
};
// DEBUG: Log shipping data being sent
console.log('[WooNooW DEBUG] Order Shipping Data:', {
selectedShippingRate,
shippingCost,
shippingRatesCount: shippingRates.length,
foundRate: shippingRates.find(r => r.id === selectedShippingRate),
orderData_shipping_cost: orderData.shipping_cost,
orderData_shipping_title: orderData.shipping_title,
});
// Submit order
const response = await apiClient.post('/checkout/submit', orderData);
const data = (response as any).data || response;