@akinon/next 1.115.0-snapshot-ZERO-3895-20251210115756 → 1.116.0-rc.0

package/CHANGELOG.md

@@ -1,6 +1,26 @@
 # @akinon/next
 
-## 1.115.0-snapshot-ZERO-3895-20251210115756
+## 1.116.0-rc.0
+
+### Minor Changes
+
+- d2c0e759: ZERO-3684: Handle cross-origin iframe access in iframeURLChange function
+- b55acb76: ZERO-2577: Fix pagination bug and update usePagination hook and ensure pagination controls rendering correctly
+- 143be2b9: ZERO-3457: Crop styles are customizable and logic improved for rendering similar products modal
+- 9f8cd3bc: ZERO-3449: AI Search Active Filters & Crop Style changes have been implemented
+- d99a6a7d: ZERO-3457_1: Fixed the settings prop and made sure everything is customizable.
+- 4de5303c: ZERO-2504: add cookie filter to api client request
+- 95b139dc: ZERO-3795: Remove duplicate entry for SavedCard in PluginComponents map
+
+## 1.115.0
+
+### Minor Changes
+
+- b59bed4d: ZERO-3878: Reintegrated similar products and removed localStorage checks and implemented props based showing of buttons
+- b5f9d75c: ZERO-3873: Refactor payment redirection middlewares to properly forward all set-cookie headers from upstream responses
+- cbcfdf4d: ZERO-3859: Haso payment gateway implmeneted
+- 71882722: ZERO-3897: Add compress option to default Next.js configuration
+- 7056203a: ZERO-3875: removed shared_tags through stripTags function for unused keys
 
 ## 1.114.0
 

package/api/image-proxy.ts

@@ -0,0 +1,75 @@
+import { NextRequest, NextResponse } from 'next/server';
+
+async function proxyImage(imageUrl: string) {
+  if (!imageUrl) {
+    return NextResponse.json(
+      { success: false, error: 'Missing url parameter' },
+      { status: 400 }
+    );
+  }
+
+  const imageResponse = await fetch(imageUrl);
+
+  if (!imageResponse.ok) {
+    return NextResponse.json(
+      { success: false, error: 'Failed to fetch image from URL' },
+      { status: 400 }
+    );
+  }
+
+  const imageBuffer = await imageResponse.arrayBuffer();
+  const base64Image = Buffer.from(imageBuffer).toString('base64');
+  const contentType = imageResponse.headers.get('content-type') || 'image/jpeg';
+
+  return { base64Image, contentType, imageBuffer };
+}
+
+export async function GET(request: NextRequest) {
+  try {
+    const { searchParams } = new URL(request.url);
+    const imageUrl = searchParams.get('url');
+
+    const result = await proxyImage(imageUrl!);
+    if (result instanceof NextResponse) {
+      return result;
+    }
+
+    return new NextResponse(result.imageBuffer, {
+      status: 200,
+      headers: {
+        'Content-Type': result.contentType,
+        'Access-Control-Allow-Origin': '*',
+        'Cache-Control': 'public, max-age=3600'
+      }
+    });
+  } catch (error) {
+    console.error('Image proxy error:', error);
+    return NextResponse.json(
+      { success: false, error: 'Internal server error' },
+      { status: 500 }
+    );
+  }
+}
+
+export async function POST(request: NextRequest) {
+  try {
+    const body = await request.json();
+    const imageUrl = body.imageUrl;
+
+    const result = await proxyImage(imageUrl);
+    if (result instanceof NextResponse) {
+      return result;
+    }
+
+    return NextResponse.json({
+      success: true,
+      base64Image: `data:${result.contentType};base64,${result.base64Image}`
+    });
+  } catch (error) {
+    console.error('Image proxy POST error:', error);
+    return NextResponse.json(
+      { success: false, error: 'Internal server error' },
+      { status: 500 }
+    );
+  }
+}

package/api/product-categories.ts

@@ -0,0 +1,53 @@
+import { NextRequest, NextResponse } from 'next/server';
+import { getProductData } from '@akinon/next/data/server';
+
+export async function GET(request: NextRequest) {
+  try {
+    const { searchParams } = new URL(request.url);
+    const pksParam = searchParams.get('pks');
+
+    if (!pksParam) {
+      return NextResponse.json(
+        { error: 'pks parameter required' },
+        { status: 400 }
+      );
+    }
+
+    const pks = pksParam.split(',').map(Number).filter(Boolean);
+
+    if (pks.length === 0) {
+      return NextResponse.json({ error: 'Invalid pks' }, { status: 400 });
+    }
+
+    const results = await Promise.all(
+      pks.map(async (pk) => {
+        try {
+          const { breadcrumbData } = await getProductData({ pk });
+
+          const categoryIds =
+            breadcrumbData
+              ?.map((item: any) => item.extra_context?.attributes?.category_id)
+              .filter(Boolean) || [];
+
+          return { pk, categoryIds };
+        } catch (error) {
+          console.error(`Error fetching product ${pk}:`, error);
+          return { pk, categoryIds: [] };
+        }
+      })
+    );
+
+    const mapping: Record<string, number[]> = {};
+    results.forEach(({ pk, categoryIds }) => {
+      mapping[String(pk)] = categoryIds;
+    });
+
+    return NextResponse.json(mapping);
+  } catch (error) {
+    console.error('Error in product-categories API:', error);
+    return NextResponse.json(
+      { error: 'Internal server error' },
+      { status: 500 }
+    );
+  }
+}

package/api/similar-product-list.ts

@@ -0,0 +1,63 @@
+import { NextRequest, NextResponse } from 'next/server';
+import Settings from 'settings';
+
+export async function GET(request: NextRequest) {
+  try {
+    const { searchParams } = new URL(request.url);
+    const dynamicFilter = request.headers.get('x-search-dynamic-filter');
+    const dynamicExclude = request.headers.get('x-search-dynamic-exclude');
+
+    if (!dynamicFilter && !dynamicExclude) {
+      return NextResponse.json(
+        {
+          error:
+            'Missing x-search-dynamic-filter or x-search-dynamic-exclude header'
+        },
+        { status: 400 }
+      );
+    }
+
+    if (Settings.commerceUrl === 'default') {
+      return NextResponse.json(
+        { error: 'Commerce URL is not configured' },
+        { status: 500 }
+      );
+    }
+
+    const queryString = searchParams.toString();
+    const apiUrl = `${Settings.commerceUrl}/list${
+      queryString ? `?${queryString}` : ''
+    }`;
+
+    const headers: Record<string, string> = {
+      Accept: 'application/json',
+      'Content-Type': 'application/json'
+    };
+
+    if (dynamicFilter) {
+      headers['x-search-dynamic-filter'] = dynamicFilter;
+    } else if (dynamicExclude) {
+      headers['x-search-dynamic-exclude'] = dynamicExclude;
+    }
+
+    const response = await fetch(apiUrl, {
+      method: 'GET',
+      headers
+    });
+
+    if (!response.ok) {
+      return NextResponse.json(
+        { error: `API request failed with status: ${response.status}` },
+        { status: response.status }
+      );
+    }
+
+    const data = await response.json();
+    return NextResponse.json(data);
+  } catch (error) {
+    return NextResponse.json(
+      { error: (error as Error).message },
+      { status: 500 }
+    );
+  }
+}

package/api/similar-products.ts

@@ -0,0 +1,111 @@
+import { NextResponse } from 'next/server';
+import Settings from 'settings';
+
+const IMAGE_SEARCH_API_URL = Settings.commerceUrl + '/image-search/';
+
+const errorResponse = (message: string, status: number) => {
+  return NextResponse.json({ error: message }, { status });
+};
+
+export async function GET(request: Request) {
+  const { searchParams } = new URL(request.url);
+  const limit = searchParams.get('limit') || '20';
+  const url = searchParams.get('url');
+  const excludedProductIds = searchParams.get('excluded_product_ids');
+
+  if (!url) {
+    return errorResponse('URL parameter is required', 400);
+  }
+
+  if (Settings.commerceUrl === 'default') {
+    return errorResponse('Commerce URL is not configured', 500);
+  }
+
+  const apiParams = new URLSearchParams();
+  apiParams.append('limit', limit);
+  apiParams.append('url', url);
+
+  if (excludedProductIds) {
+    apiParams.append('excluded_product_ids', excludedProductIds);
+  }
+
+  const apiUrl = `${IMAGE_SEARCH_API_URL}?${apiParams.toString()}`;
+
+  try {
+    const response = await fetch(apiUrl, {
+      method: 'GET',
+      headers: {
+        Accept: 'application/json'
+      }
+    });
+
+    if (!response.ok) {
+      const errorText = await response.text();
+      return errorResponse(
+        errorText || `API request failed with status: ${response.status}`,
+        response.status
+      );
+    }
+
+    const responseText = await response.text();
+
+    return NextResponse.json(JSON.parse(responseText));
+  } catch (error) {
+    return errorResponse((error as Error).message, 500);
+  }
+}
+
+export async function POST(request: Request) {
+  const { searchParams } = new URL(request.url);
+  const limit = searchParams.get('limit') || '20';
+
+  if (Settings.commerceUrl === 'default') {
+    return errorResponse('Commerce URL is not configured', 500);
+  }
+
+  let requestBody;
+  try {
+    requestBody = await request.json();
+  } catch (error) {
+    return errorResponse('Invalid JSON in request body', 400);
+  }
+
+  if (!requestBody.image) {
+    return errorResponse('Image data is required in request body', 400);
+  }
+
+  const apiParams = new URLSearchParams();
+  apiParams.append('limit', limit);
+
+  const apiUrl = `${IMAGE_SEARCH_API_URL}?${apiParams.toString()}`;
+
+  const bodyData: any = { image: requestBody.image };
+
+  if (requestBody.excluded_product_ids) {
+    bodyData.excluded_product_ids = requestBody.excluded_product_ids;
+  }
+
+  try {
+    const response = await fetch(apiUrl, {
+      method: 'POST',
+      headers: {
+        'Content-Type': 'application/json',
+        Accept: 'application/json'
+      },
+      body: JSON.stringify(bodyData)
+    });
+
+    if (!response.ok) {
+      const errorText = await response.text();
+      return errorResponse(
+        errorText || `API request failed with status: ${response.status}`,
+        response.status
+      );
+    }
+
+    const responseData = await response.json();
+    return NextResponse.json(responseData);
+  } catch (error) {
+    return errorResponse((error as Error).message, 500);
+  }
+}

package/components/plugin-module.tsx

@@ -24,7 +24,9 @@ enum Plugin {
   FlowPayment = 'pz-flow-payment',
   VirtualTryOn = 'pz-virtual-try-on',
   Hepsipay = 'pz-hepsipay',
-  MasterpassRest = 'pz-masterpass-rest'
+  MasterpassRest = 'pz-masterpass-rest',
+  SimilarProducts = 'pz-similar-products',
+  Haso = 'pz-haso'
 }
 
 export enum Component {
@@ -55,7 +57,15 @@ export enum Component {
   IyzicoSavedCard = 'IyzicoSavedCardOption',
   Hepsipay = 'Hepsipay',
   FlowPayment = 'FlowPayment',
-  MasterpassRest = 'MasterpassRestOption'
+  MasterpassRest = 'MasterpassRestOption',
+  SimilarProductsModal = 'SimilarProductsModal',
+  SimilarProductsFilterSidebar = 'SimilarProductsFilterSidebar',
+  SimilarProductsResultsGrid = 'SimilarProductsResultsGrid',
+  SimilarProductsPlugin = 'SimilarProductsPlugin',
+  ProductImageSearchFeature = 'ProductImageSearchFeature',
+  ImageSearchButton = 'ImageSearchButton',
+  HeaderImageSearchFeature = 'HeaderImageSearchFeature',
+  HasoPaymentGateway = 'HasoPaymentGateway'
 }
 
 const PluginComponents = new Map([
@@ -88,8 +98,19 @@ const PluginComponents = new Map([
     [Component.AkifastQuickLoginButton, Component.AkifastCheckoutButton]
   ],
   [Plugin.MultiBasket, [Component.MultiBasket]],
+  [
+    Plugin.SimilarProducts,
+    [
+      Component.SimilarProductsModal,
+      Component.SimilarProductsFilterSidebar,
+      Component.SimilarProductsResultsGrid,
+      Component.SimilarProductsPlugin,
+      Component.ProductImageSearchFeature,
+      Component.ImageSearchButton,
+      Component.HeaderImageSearchFeature
+    ]
+  ],
   [Plugin.SavedCard, [Component.SavedCard, Component.IyzicoSavedCard]],
-  [Plugin.SavedCard, [Component.SavedCard]],
   [Plugin.FlowPayment, [Component.FlowPayment]],
   [
     Plugin.VirtualTryOn,
@@ -97,7 +118,8 @@ const PluginComponents = new Map([
   ],
   [Plugin.Hepsipay, [Component.Hepsipay]],
   [Plugin.Hepsipay, [Component.Hepsipay]],
-  [Plugin.MasterpassRest, [Component.MasterpassRest]]
+  [Plugin.MasterpassRest, [Component.MasterpassRest]],
+  [Plugin.Haso, [Component.HasoPaymentGateway]]
 ]);
 
 const getPlugin = (component: Component) => {
@@ -162,6 +184,8 @@ export default function PluginModule({
               promise = import(`${'@akinon/pz-multi-basket'}`);
             } else if (plugin === Plugin.SavedCard) {
               promise = import(`${'@akinon/pz-saved-card'}`);
+            } else if (plugin === Plugin.SimilarProducts) {
+              promise = import(`${'@akinon/pz-similar-products'}`);
             } else if (plugin === Plugin.Hepsipay) {
               promise = import(`${'@akinon/pz-hepsipay'}`);
             } else if (plugin === Plugin.FlowPayment) {
@@ -170,6 +194,10 @@ export default function PluginModule({
               promise = import(`${'@akinon/pz-virtual-try-on'}`);
             } else if (plugin === Plugin.MasterpassRest) {
               promise = import(`${'@akinon/pz-masterpass-rest'}`);
+            } else if (plugin === Plugin.SimilarProducts) {
+              promise = import(`${'@akinon/pz-similar-products'}`);
+            } else if (plugin === Plugin.Haso) {
+              promise = import(`${'@akinon/pz-haso'}`);
             }
           } catch (error) {
             logger.error(error);

package/data/urls.ts

@@ -183,7 +183,11 @@ export const product = {
   breadcrumbUrl: (menuitemmodel: string) =>
     `/menus/generate_breadcrumb/?item=${menuitemmodel}&generator_name=menu_item`,
   bundleProduct: (productPk: string, queryString: string) =>
-    `/bundle-product/${productPk}/?${queryString}`
+    `/bundle-product/${productPk}/?${queryString}`,
+  similarProducts: (params?: string) =>
+    `/similar-products${params ? `?${params}` : ''}`,
+  similarProductsList: (params?: string) =>
+    `/similar-product-list${params ? `?${params}` : ''}`
 };
 
 export const wishlist = {

package/lib/cache-handler.mjs

@@ -463,6 +463,14 @@ CacheHandler.onCreation(async () => {
     set: async (key, value, context) => {
       const vKey = versionKey(key);
 
+      const stripTags = (val) => {
+        if (val && typeof val === 'object') {
+          const { tags, ...rest } = val;
+          return { ...rest, tags: [] };
+        }
+        return val;
+      };
+
       let compressedValue;
       let shouldUseCompressed = false;
 
@@ -482,12 +490,12 @@ CacheHandler.onCreation(async () => {
 
       if (shouldUseCompressed) {
         try {
-          await redisHandler.set(vKey, compressedValue, context);
+          await redisHandler.set(vKey, stripTags(compressedValue), context);
 
           redisSetResult = { status: 'fulfilled' };
         } catch (compressionError) {
           try {
-            await redisHandler.set(vKey, value, context);
+            await redisHandler.set(vKey, stripTags(value), context);
 
             redisSetResult = { status: 'fulfilled' };
           } catch (fallbackError) {
@@ -496,7 +504,7 @@ CacheHandler.onCreation(async () => {
         }
       } else {
         try {
-          await redisHandler.set(vKey, value, context);
+          await redisHandler.set(vKey, stripTags(value), context);
           redisSetResult = { status: 'fulfilled' };
         } catch (error) {
           redisSetResult = { status: 'rejected', reason: error };
@@ -510,8 +518,8 @@ CacheHandler.onCreation(async () => {
         localSetResult = { status: 'fulfilled' };
       } catch (error) {
         localSetResult = { status: 'rejected', reason: error };
-        return localSetResult;
       }
+      return localSetResult;
     },
     delete: async (key, context) => {
       const vKey = versionKey(key);

package/middlewares/complete-gpay.ts

@@ -64,7 +64,7 @@ const withCompleteGpay =
         );
       }
 
-      const request = await fetch(requestUrl, {
+      const fetchResponse = await fetch(requestUrl, {
         method: 'POST',
         headers: requestHeaders,
         body
@@ -72,14 +72,14 @@ const withCompleteGpay =
 
       logger.info('Complete GPay payment request', {
         requestUrl,
-        status: request.status,
+        status: fetchResponse.status,
         requestHeaders,
         ip
       });
 
-      const response = await request.json();
+      const responseData = await fetchResponse.json();
 
-      const { context_list: contextList, errors } = response;
+      const { context_list: contextList, errors } = responseData;
       const redirectionContext = contextList?.find(
         (context) => context.page_context?.redirect_url
       );
@@ -93,18 +93,27 @@ const withCompleteGpay =
           ip
         });
 
-        return NextResponse.redirect(
+        const errorResponse = NextResponse.redirect(
           `${url.origin}${getUrlPathWithLocale(
             '/orders/checkout/',
             req.cookies.get('pz-locale')?.value
           )}`,
-          {
-            status: 303,
-            headers: {
-              'Set-Cookie': `pz-pos-error=${JSON.stringify(errors)}; path=/;`
-            }
-          }
+          303
         );
+
+        // Forward set-cookie headers from the upstream response
+        const setCookies = fetchResponse.headers.getSetCookie?.() ?? [];
+        setCookies.forEach((cookie) => {
+          errorResponse.headers.append('Set-Cookie', cookie);
+        });
+
+        // Add error cookie
+        errorResponse.headers.append(
+          'Set-Cookie',
+          `pz-pos-error=${JSON.stringify(errors)}; path=/;`
+        );
+
+        return errorResponse;
       }
 
       logger.info('Order success page context list', {
@@ -119,7 +128,7 @@ const withCompleteGpay =
           {
             middleware: 'complete-gpay',
             requestHeaders,
-            response: JSON.stringify(response),
+            response: JSON.stringify(responseData),
             ip
           }
         );
@@ -147,10 +156,11 @@ const withCompleteGpay =
       // So we use 303 status code to change the method to GET
       const nextResponse = NextResponse.redirect(redirectUrlWithLocale, 303);
 
-      nextResponse.headers.set(
-        'Set-Cookie',
-        request.headers.get('set-cookie') ?? ''
-      );
+      // Forward all set-cookie headers from the upstream response
+      const setCookies = fetchResponse.headers.getSetCookie?.() ?? [];
+      setCookies.forEach((cookie) => {
+        nextResponse.headers.append('Set-Cookie', cookie);
+      });
 
       return nextResponse;
     } catch (error) {

package/middlewares/complete-masterpass.ts

@@ -65,7 +65,7 @@ const withCompleteMasterpass =
         );
       }
 
-      const request = await fetch(requestUrl, {
+      const fetchResponse = await fetch(requestUrl, {
         method: 'POST',
         headers: requestHeaders,
         body
@@ -73,14 +73,14 @@ const withCompleteMasterpass =
 
       logger.info('Complete Masterpass payment request', {
         requestUrl,
-        status: request.status,
+        status: fetchResponse.status,
         requestHeaders,
         ip
       });
 
-      const response = await request.json();
+      const responseData = await fetchResponse.json();
 
-      const { context_list: contextList, errors } = response;
+      const { context_list: contextList, errors } = responseData;
       const redirectionContext = contextList?.find(
         (context) => context.page_context?.redirect_url
       );
@@ -94,18 +94,27 @@ const withCompleteMasterpass =
           ip
         });
 
-        return NextResponse.redirect(
+        const errorResponse = NextResponse.redirect(
           `${url.origin}${getUrlPathWithLocale(
             '/orders/checkout/',
             req.cookies.get('pz-locale')?.value
           )}`,
-          {
-            status: 303,
-            headers: {
-              'Set-Cookie': `pz-pos-error=${JSON.stringify(errors)}; path=/;`
-            }
-          }
+          303
         );
+
+        // Forward set-cookie headers from the upstream response
+        const setCookies = fetchResponse.headers.getSetCookie?.() ?? [];
+        setCookies.forEach((cookie) => {
+          errorResponse.headers.append('Set-Cookie', cookie);
+        });
+
+        // Add error cookie
+        errorResponse.headers.append(
+          'Set-Cookie',
+          `pz-pos-error=${JSON.stringify(errors)}; path=/;`
+        );
+
+        return errorResponse;
       }
 
       logger.info('Order success page context list', {
@@ -120,7 +129,7 @@ const withCompleteMasterpass =
           {
             middleware: 'complete-masterpass',
             requestHeaders,
-            response: JSON.stringify(response),
+            response: JSON.stringify(responseData),
             ip
           }
         );
@@ -148,10 +157,11 @@ const withCompleteMasterpass =
       // So we use 303 status code to change the method to GET
       const nextResponse = NextResponse.redirect(redirectUrlWithLocale, 303);
 
-      nextResponse.headers.set(
-        'Set-Cookie',
-        request.headers.get('set-cookie') ?? ''
-      );
+      // Forward all set-cookie headers from the upstream response
+      const setCookies = fetchResponse.headers.getSetCookie?.() ?? [];
+      setCookies.forEach((cookie) => {
+        nextResponse.headers.append('Set-Cookie', cookie);
+      });
 
       return nextResponse;
     } catch (error) {

package/middlewares/complete-wallet.ts

@@ -61,7 +61,7 @@ const withCompleteWallet =
         );
       }
 
-      const request = await fetch(requestUrl, {
+      const fetchResponse = await fetch(requestUrl, {
         method: 'POST',
         headers: requestHeaders,
         body
@@ -69,14 +69,14 @@ const withCompleteWallet =
 
       logger.info('Complete Wallet payment request', {
         requestUrl,
-        status: request.status,
+        status: fetchResponse.status,
         requestHeaders,
         ip
       });
 
-      const response = await request.json();
+      const responseData = await fetchResponse.json();
 
-      const { context_list: contextList, errors } = response;
+      const { context_list: contextList, errors } = responseData;
       const redirectionContext = contextList?.find(
         (context) => context.page_context?.redirect_url
       );
@@ -90,18 +90,27 @@ const withCompleteWallet =
           ip
         });
 
-        return NextResponse.redirect(
+        const errorResponse = NextResponse.redirect(
           `${url.origin}${getUrlPathWithLocale(
             '/orders/checkout/',
             req.cookies.get('pz-locale')?.value
           )}`,
-          {
-            status: 303,
-            headers: {
-              'Set-Cookie': `pz-pos-error=${JSON.stringify(errors)}; path=/;`
-            }
-          }
+          303
         );
+
+        // Forward set-cookie headers from the upstream response
+        const setCookies = fetchResponse.headers.getSetCookie?.() ?? [];
+        setCookies.forEach((cookie) => {
+          errorResponse.headers.append('Set-Cookie', cookie);
+        });
+
+        // Add error cookie
+        errorResponse.headers.append(
+          'Set-Cookie',
+          `pz-pos-error=${JSON.stringify(errors)}; path=/;`
+        );
+
+        return errorResponse;
       }
 
       logger.info('Order success page context list', {
@@ -116,7 +125,7 @@ const withCompleteWallet =
           {
             middleware: 'complete-wallet',
             requestHeaders,
-            response: JSON.stringify(response),
+            response: JSON.stringify(responseData),
             ip
           }
         );
@@ -144,10 +153,11 @@ const withCompleteWallet =
       // So we use 303 status code to change the method to GET
       const nextResponse = NextResponse.redirect(redirectUrlWithLocale, 303);
 
-      nextResponse.headers.set(
-        'Set-Cookie',
-        request.headers.get('set-cookie') ?? ''
-      );
+      // Forward all set-cookie headers from the upstream response
+      const setCookies = fetchResponse.headers.getSetCookie?.() ?? [];
+      setCookies.forEach((cookie) => {
+        nextResponse.headers.append('Set-Cookie', cookie);
+      });
 
       return nextResponse;
     } catch (error) {

package/middlewares/redirection-payment.ts

@@ -65,7 +65,7 @@ const withRedirectionPayment =
         );
       }
 
-      const request = await fetch(requestUrl, {
+      const fetchResponse = await fetch(requestUrl, {
         method: 'POST',
         headers: requestHeaders,
         body
@@ -73,14 +73,14 @@ const withRedirectionPayment =
 
       logger.info('Complete redirection payment request', {
         requestUrl,
-        status: request.status,
+        status: fetchResponse.status,
         requestHeaders,
         ip
       });
 
-      const response = await request.json();
+      const responseData = await fetchResponse.json();
 
-      const { context_list: contextList, errors } = response;
+      const { context_list: contextList, errors } = responseData;
       const redirectionContext = contextList?.find(
         (context) => context.page_context?.redirect_url
       );
@@ -94,18 +94,27 @@ const withRedirectionPayment =
           ip
         });
 
-        return NextResponse.redirect(
+        const errorResponse = NextResponse.redirect(
           `${url.origin}${getUrlPathWithLocale(
             '/orders/checkout/',
             req.cookies.get('pz-locale')?.value
           )}`,
-          {
-            status: 303,
-            headers: {
-              'Set-Cookie': `pz-pos-error=${JSON.stringify(errors)}; path=/;`
-            }
-          }
+          303
         );
+
+        // Forward set-cookie headers from the upstream response
+        const setCookies = fetchResponse.headers.getSetCookie?.() ?? [];
+        setCookies.forEach((cookie) => {
+          errorResponse.headers.append('Set-Cookie', cookie);
+        });
+
+        // Add error cookie
+        errorResponse.headers.append(
+          'Set-Cookie',
+          `pz-pos-error=${JSON.stringify(errors)}; path=/;`
+        );
+
+        return errorResponse;
       }
 
       logger.info('Order success page context list', {
@@ -120,7 +129,7 @@ const withRedirectionPayment =
           {
             middleware: 'redirection-payment',
             requestHeaders,
-            response: JSON.stringify(response),
+            response: JSON.stringify(responseData),
             ip
           }
         );
@@ -148,10 +157,11 @@ const withRedirectionPayment =
       // So we use 303 status code to change the method to GET
       const nextResponse = NextResponse.redirect(redirectUrlWithLocale, 303);
 
-      nextResponse.headers.set(
-        'Set-Cookie',
-        request.headers.get('set-cookie') ?? ''
-      );
+      // Forward all set-cookie headers from the upstream response
+      const setCookies = fetchResponse.headers.getSetCookie?.() ?? [];
+      setCookies.forEach((cookie) => {
+        nextResponse.headers.append('Set-Cookie', cookie);
+      });
 
       return nextResponse;
     } catch (error) {

package/middlewares/saved-card-redirection.ts

@@ -65,7 +65,7 @@ const withSavedCardRedirection =
         );
       }
 
-      const request = await fetch(requestUrl, {
+      const fetchResponse = await fetch(requestUrl, {
         method: 'POST',
         headers: requestHeaders,
         body
@@ -73,14 +73,14 @@ const withSavedCardRedirection =
 
       logger.info('Complete 3D payment request', {
         requestUrl,
-        status: request.status,
+        status: fetchResponse.status,
         requestHeaders,
         ip
       });
 
-      const response = await request.json();
+      const responseData = await fetchResponse.json();
 
-      const { context_list: contextList, errors } = response;
+      const { context_list: contextList, errors } = responseData;
       const redirectionContext = contextList?.find(
         (context) => context.page_context?.redirect_url
       );
@@ -94,18 +94,27 @@ const withSavedCardRedirection =
           ip
         });
 
-        return NextResponse.redirect(
+        const errorResponse = NextResponse.redirect(
           `${url.origin}${getUrlPathWithLocale(
             '/orders/checkout/',
             req.cookies.get('pz-locale')?.value
           )}`,
-          {
-            status: 303,
-            headers: {
-              'Set-Cookie': `pz-pos-error=${JSON.stringify(errors)}; path=/;`
-            }
-          }
+          303
         );
+
+        // Forward set-cookie headers from the upstream response
+        const setCookies = fetchResponse.headers.getSetCookie?.() ?? [];
+        setCookies.forEach((cookie) => {
+          errorResponse.headers.append('Set-Cookie', cookie);
+        });
+
+        // Add error cookie
+        errorResponse.headers.append(
+          'Set-Cookie',
+          `pz-pos-error=${JSON.stringify(errors)}; path=/;`
+        );
+
+        return errorResponse;
       }
 
       logger.info('Order success page context list', {
@@ -120,7 +129,7 @@ const withSavedCardRedirection =
           {
             middleware: 'saved-card-redirection',
             requestHeaders,
-            response: JSON.stringify(response),
+            response: JSON.stringify(responseData),
             ip
           }
         );
@@ -148,10 +157,11 @@ const withSavedCardRedirection =
       // So we use 303 status code to change the method to GET
       const nextResponse = NextResponse.redirect(redirectUrlWithLocale, 303);
 
-      nextResponse.headers.set(
-        'Set-Cookie',
-        request.headers.get('set-cookie') ?? ''
-      );
+      // Forward all set-cookie headers from the upstream response
+      const setCookies = fetchResponse.headers.getSetCookie?.() ?? [];
+      setCookies.forEach((cookie) => {
+        nextResponse.headers.append('Set-Cookie', cookie);
+      });
 
       return nextResponse;
     } catch (error) {

package/middlewares/three-d-redirection.ts

@@ -64,7 +64,7 @@ const withThreeDRedirection =
         );
       }
 
-      const request = await fetch(requestUrl, {
+      const fetchResponse = await fetch(requestUrl, {
         method: 'POST',
         headers: requestHeaders,
         body
@@ -72,14 +72,14 @@ const withThreeDRedirection =
 
       logger.info('Complete 3D payment request', {
         requestUrl,
-        status: request.status,
+        status: fetchResponse.status,
         requestHeaders,
         ip
       });
 
-      const response = await request.json();
+      const responseData = await fetchResponse.json();
 
-      const { context_list: contextList, errors } = response;
+      const { context_list: contextList, errors } = responseData;
       const redirectionContext = contextList?.find(
         (context) => context.page_context?.redirect_url
       );
@@ -93,18 +93,27 @@ const withThreeDRedirection =
           ip
         });
 
-        return NextResponse.redirect(
+        const errorResponse = NextResponse.redirect(
           `${url.origin}${getUrlPathWithLocale(
             '/orders/checkout/',
             req.cookies.get('pz-locale')?.value
           )}`,
-          {
-            status: 303,
-            headers: {
-              'Set-Cookie': `pz-pos-error=${JSON.stringify(errors)}; path=/;`
-            }
-          }
+          303
         );
+
+        // Forward set-cookie headers from the upstream response
+        const setCookies = fetchResponse.headers.getSetCookie?.() ?? [];
+        setCookies.forEach((cookie) => {
+          errorResponse.headers.append('Set-Cookie', cookie);
+        });
+
+        // Add error cookie
+        errorResponse.headers.append(
+          'Set-Cookie',
+          `pz-pos-error=${JSON.stringify(errors)}; path=/;`
+        );
+
+        return errorResponse;
       }
 
       logger.info('Order success page context list', {
@@ -119,7 +128,7 @@ const withThreeDRedirection =
           {
             middleware: 'three-d-redirection',
             requestHeaders,
-            response: JSON.stringify(response),
+            response: JSON.stringify(responseData),
             ip
           }
         );
@@ -147,10 +156,11 @@ const withThreeDRedirection =
       // So we use 303 status code to change the method to GET
       const nextResponse = NextResponse.redirect(redirectUrlWithLocale, 303);
 
-      nextResponse.headers.set(
-        'Set-Cookie',
-        request.headers.get('set-cookie') ?? ''
-      );
+      // Forward all set-cookie headers from the upstream response
+      const setCookies = fetchResponse.headers.getSetCookie?.() ?? [];
+      setCookies.forEach((cookie) => {
+        nextResponse.headers.append('Set-Cookie', cookie);
+      });
 
       return nextResponse;
     } catch (error) {

package/middlewares/wallet-complete-redirection.ts

@@ -85,7 +85,7 @@ const withWalletCompleteRedirection =
         );
       }
 
-      const request = await fetch(requestUrl, {
+      const fetchResponse = await fetch(requestUrl, {
         method: 'POST',
         headers: requestHeaders,
         body
@@ -93,14 +93,14 @@ const withWalletCompleteRedirection =
 
       logger.info('Complete wallet payment request', {
         requestUrl,
-        status: request.status,
+        status: fetchResponse.status,
         requestHeaders,
         ip
       });
 
-      const response = await request.json();
+      const responseData = await fetchResponse.json();
 
-      const { context_list: contextList, errors } = response;
+      const { context_list: contextList, errors } = responseData;
       const redirectionContext = contextList?.find(
         (context) => context.page_context?.redirect_url
       );
@@ -114,18 +114,27 @@ const withWalletCompleteRedirection =
           ip
         });
 
-        return NextResponse.redirect(
+        const errorResponse = NextResponse.redirect(
           `${url.origin}${getUrlPathWithLocale(
             '/orders/checkout/',
             req.cookies.get('pz-locale')?.value
           )}`,
-          {
-            status: 303,
-            headers: {
-              'Set-Cookie': `pz-pos-error=${JSON.stringify(errors)}; path=/;`
-            }
-          }
+          303
         );
+
+        // Forward set-cookie headers from the upstream response
+        const setCookies = fetchResponse.headers.getSetCookie?.() ?? [];
+        setCookies.forEach((cookie) => {
+          errorResponse.headers.append('Set-Cookie', cookie);
+        });
+
+        // Add error cookie
+        errorResponse.headers.append(
+          'Set-Cookie',
+          `pz-pos-error=${JSON.stringify(errors)}; path=/;`
+        );
+
+        return errorResponse;
       }
 
       logger.info('Order success page context list', {
@@ -140,7 +149,7 @@ const withWalletCompleteRedirection =
           {
             middleware: 'wallet-complete-redirection',
             requestHeaders,
-            response: JSON.stringify(response),
+            response: JSON.stringify(responseData),
             ip
           }
         );
@@ -168,10 +177,11 @@ const withWalletCompleteRedirection =
       // So we use 303 status code to change the method to GET
       const nextResponse = NextResponse.redirect(redirectUrlWithLocale, 303);
 
-      nextResponse.headers.set(
-        'Set-Cookie',
-        request.headers.get('set-cookie') ?? ''
-      );
+      // Forward all set-cookie headers from the upstream response
+      const setCookies = fetchResponse.headers.getSetCookie?.() ?? [];
+      setCookies.forEach((cookie) => {
+        nextResponse.headers.append('Set-Cookie', cookie);
+      });
 
       return nextResponse;
     } catch (error) {

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@akinon/next",
   "description": "Core package for Project Zero Next",
-  "version": "1.115.0-snapshot-ZERO-3895-20251210115756",
+  "version": "1.116.0-rc.0",
   "private": false,
   "license": "MIT",
   "bin": {
@@ -35,7 +35,7 @@
     "set-cookie-parser": "2.6.0"
   },
   "devDependencies": {
-    "@akinon/eslint-plugin-projectzero": "1.115.0-snapshot-ZERO-3895-20251210115756",
+    "@akinon/eslint-plugin-projectzero": "1.116.0-rc.0",
     "@babel/core": "7.26.10",
     "@babel/preset-env": "7.26.9",
     "@babel/preset-typescript": "7.27.0",

package/plugins.d.ts

@@ -37,6 +37,16 @@ declare module '@akinon/pz-cybersource-uc/src/redux/middleware' {
   export default middleware as any;
 }
 
+declare module '@akinon/pz-apple-pay' {}
+
+declare module '@akinon/pz-similar-products' {
+  export const SimilarProductsModal: any;
+  export const SimilarProductsFilterSidebar: any;
+  export const SimilarProductsResultsGrid: any;
+  export const SimilarProductsPlugin: any;
+  export const SimilarProductsButtonPlugin: any;
+}
+
 declare module '@akinon/pz-cybersource-uc/src/redux/reducer' {
   export default reducer as any;
 }

package/plugins.js

@@ -16,9 +16,12 @@ module.exports = [
   'pz-tabby-extension',
   'pz-apple-pay',
   'pz-tamara-extension',
+  'pz-similar-products',
   'pz-cybersource-uc',
   'pz-hepsipay',
   'pz-flow-payment',
   'pz-virtual-try-on',
-  'pz-masterpass-rest'
+  'pz-masterpass-rest',
+  'pz-similar-products',
+  'pz-haso'
 ];

package/types/index.ts

@@ -83,6 +83,12 @@ export interface Settings {
   };
   usePrettyUrlRoute?: boolean;
   commerceUrl: string;
+  /**
+   * This option allows you to track Sentry events on the client side, in addition to server and edge environments.
+   *
+   * It overrides process.env.NEXT_PUBLIC_SENTRY_DSN and process.env.SENTRY_DSN.
+   */
+  sentryDsn?: string;
   redis: {
     defaultExpirationTime: number;
   };

package/utils/mobile-3d-iframe.ts

@@ -1,8 +1,14 @@
 const iframeURLChange = (iframe, callback) => {
   iframe.addEventListener('load', () => {
     setTimeout(() => {
-      if (iframe?.contentWindow?.location) {
-        callback(iframe.contentWindow.location);
+      try {
+        if (iframe?.contentWindow?.location) {
+          const iframeLocation = iframe.contentWindow.location;
+
+          callback(iframeLocation);
+        }
+      } catch (error) {
+        // Expected: browser blocks cross-origin iframe access for security
       }
     }, 0);
   });

package/utils/redirection-iframe.ts

@@ -1,8 +1,14 @@
 const iframeURLChange = (iframe, callback) => {
   iframe.addEventListener('load', () => {
     setTimeout(() => {
-      if (iframe?.contentWindow?.location) {
-        callback(iframe.contentWindow.location);
+      try {
+        if (iframe?.contentWindow?.location) {
+          const iframeLocation = iframe.contentWindow.location;
+
+          callback(iframeLocation);
+        }
+      } catch (error) {
+        // Expected: browser blocks cross-origin iframe access for security
       }
     }, 0);
   });

package/with-pz-config.js

@@ -9,6 +9,7 @@ const defaultConfig = {
   skipTrailingSlashRedirect: true,
   poweredByHeader: false,
   cacheMaxMemorySize: 0,
+  compress: false,
   env: {
     NEXT_PUBLIC_SENTRY_DSN: process.env.SENTRY_DSN
   },