I'm creating app using facebookAPI login system. I wanna make my app in public. When I added app Privacy Policy URL(http://b446c081.ngrok.io), raised this error.
"
You must submit a valid Privacy Policy URL in order to be compliant with Facebook Platform. Request failed with error: Could Not Connect To Server: Check that the webserver is running, and that there are no firewalls blocking Facebook's crawlers.
"
Of course my server is running, I can't understand "Check that there are no firewalls blocking Facebook's crawlers"
http://tinypic.com/view.php?pic=i69w0n&s=9#.Wsg4MGaB1p8
There is a bug on the Facebook side of things that doesn't allow Ngrok port-forwards as Policy URLs. I would recommend pushing your data to a service such as Heroku (which has a free tier, no card details needed) and a free URL that Facebook will accept as a Policy URL.
Related
In Facebook Login Settings (in Valid OAuth Redirect URIs), when I attempt to add http://localhost:8000/survey, I get the following message,...,
http://localhost redirects are automatically allowed while in development mode only and do not need to be added here.
So, when I attempt to use http://localhost:8000/survey in my redirect_uri= parameter on my https://www.facebook.com/v7.0/dialog/oauth?client_id=... URL for FB login, I get this error message on the FB login page:
URL Blocked: This redirect failed because the redirect URI is not whitelisted in the app’s Client OAuth Settings. Make sure Client and Web OAuth Login are on and add all your app domains as Valid OAuth Redirect URIs.
Okay,... so I'm not allowed to whitelist http://localhost:8000/survey by adding it to Valid OAuth Redirect URIs -- where it says that http://localhost redirects are automatically allowed -- but then when I actually use a localhost URL, it is not whitelisted.
How is it possible test my app's FB login in a localhost/development environment? (I'm familiar with ngrok, but is there another way besides that?)
The first part you quoted mentions the app being set in Development Mode:
http://localhost redirects are automatically allowed while in development mode only and do not need to be added here.
You can toggle this from the top right corner of your App Dashboard on Facebook's site. More detailed instructions here: https://developers.facebook.com/docs/apps/managing-development-cycle/#step1
Another alternative that you have is using your hosts file to point a domain name to your localhost, if you can't set your app in development mode.
I have encountered the following FB error:
Given URL is not allowed by the application configuration: One or more
of the given URL is not allowed by the App's settings. To use this URL
you must add a valid native platform in your App's settings.
Also Facebook OAuth redirect URI, does not accept http local host.
You may need to review the OAuth settings for your Facebook application
Also Facebook OAuth redirect URI, does not accept http local host
HTTPS is required for new Facebook integrations. You can get free certificates from Lets Encrypt or use self-signed certs and add them to your mobile device. It's a little more complicated, but it's really for the best :-)
A web appliction is running on my local machine (can't be accessible from Internet, it is a developer site, not the production one), e.g. URL:1 http://myapp.com.
I want to configure a Facebook app on my web application. Created Facebook application, App > App Details, at Privacy Policy URL given URL:1 this message appeared:
"You must submit a valid Privacy Policy URL in order to be compliant with Facebook Platform. Request failed with error: Can't Download: Could not resolve the hostname into a valid IP address."
My application is a development site. I can't expose it on a public domain. I don't have Privacy Policy URL on public domain. What would be the best solution?
It has to be accessible and public. You can´t enter a link that only runs on your local machine, Facebook obviously can´t check if it´s there.
My meteor app has so far lived "unsecured" - meaning no redirection to https:// by default. This has worked fine in conjunction with the accounts-facebook package, which creates its own SSL enabled connection to Facebook when doing its OAuth magic.
My problems started when I tried acessing my site using https instead of http. The pop-up window the accounts package opens to log into facebook halts quickly and by reading its console output I can see the following message
Uncaught SecurityError: Blocked a frame with origin "http://wishlist-foobar.meteor.com" from accessing a frame with origin "https://wishlist-foobar.meteor.com". The frame requesting access has a protocol of "http", the frame being accessed has a protocol of "https". Protocols must match.
I thought this might have something to do with the site url in the app's facebook settings, but changing the http to https in that setting got me nowhere. Still got the same message. How is this supposed to work? I am not hardcoding the http part of the path anywhere except the facebook settings, so this seems to be something the accounts-facebook package is doing.
This is my app settings on Facebook. Observe the non-SSL site url.
It turns out you need to set the ROOT_URL environment variable for the callbacks to work and make sure visitors hit that url (for instance, forcing ssl). See these SO answers for more background info.
Google OAuth login in http server
Why is ROOT_URL a required environment variable for bundle deployment?
I am working on my first app for Facebook and facing (probably) with the SSL problem. If I am testing the app, so it's working well. But then I wanted to test the app by my friend - so I assigned him the role "Tester", he accepted it and I sent him the link to the app.
If he opened the app, he got the error The website is not available - Error 501 (net::ERR_INSECURE_RESPONSE): Unknown error
I started google it and it looks that the cause is the missing SSL certificate on my hosting, where the app is stored.
BUT - how is possible, that the app is working me well without the SSL and to my friend doesn't? If the SSL is required for Facebook apps, why I didn't get the same error?
(I set Secure Canvas URL: to https://example.com/fb-app-directory/, however I don't have at this domain and hosting any SSL certificate).
I never used before SSL. I bought the domain name on Namecheap and hosting on Hostgator. So now, I should buy a SSL certificate from the offer (http://www.namecheap.com/ssl-certificates.aspx) of Namecheap, right?
Would be suitable for the Facebook app the cheapest one?
Look, this SSL problem can only be solved by purchasing a valid SSL certificate or looking for a server which can host your app and is SSL certified such as:
phpfog.com - Provides you with some limited space and database service.
heroku.com - Does not provide any storage space for saving dynamically generated data. To have that service, you have to buy the Amazon buckets service which, again, is a costly affair.
If you don't want to invest any money, I would recommend that you go with phpfog - it is easy and its documentation is pretty good.
You should buy an SSL cert in order for everyone to be able to access your app. Your friend probably has his settings set so that he browses Facebook securely, in this case he is hitting https://example.com/fb-app-directory/, not your actual URL.
The cheapest one isn't the best one, but it should work as long as it's valid. I would suggest using Heroku though, as that way you get everything you need - for free :)
Use a proxy in heroku.com and bring your page in secure domain as https://yourapplication.herokuapp.com/
"Starting October 1, 2011 Facebook will require a valid SSL Certificate for all pages and applications hosted outside of Facebook."
http://www.wpcode.net/fb-ssl.html/
Maybe you are visiting your application with http://apps.facebook.com/... and your friend is visiting with https://apps.facebook.com/....
Another possibility is that your friend has checked "Browse Facebook on a secure connection (https) whenever possible" under "Account Security".
Try ngrok. It exposes a local web server with just one command:
ngrok 80
After this you can access your localhost like this: xxxxxxxx.ngrok.com