I recently hosted a website on AWS S3 as a static page. For some unknown, Facebook won't allow me to submit the app using https://www.spotin.io/privacy-policy as an url because of a bad response code.
For now, I just added a simple generic privacy policy until I fix this, but I really need help. I read the other questions in Stack Over flow but their from 2 years ago and I following the given advice but it didn't work.
Here I include Facebook's debugger response image:
Facebook Debugger
Can someone help please?
You seem to use CloudFront. Your page already delivers 404 code as a response:
via https://httpstatus.io/
via Postman
Check your CloudFront setup, especially the Errors section. This alternative question might be of help:
CloudFront got X-Cache: Error from cloudfront with Status Code 200
Related
I want to publish my first Facebook application and a Privacy Policy URL is required.
I have the page privacypolicy.html published in my website but I get the next message when I configure it in "App Details":
You must submit a valid Privacy Policy URL in order to be compliant with Facebook Platform. Request failed with error:
Bad Response Code: URL returned a bad HTTP response code.
The http code returned when I request the page is 200
Any ideas?
The URL is cached by facebook.
Adding # at the end of my Url did the job ..
This is an old question I know, but I figured I'd post my solution and hope it helps anyone. For me I got this error because I had rewrite rules that didn't catch the URL that Facebook actually goes to in order to get the privacy policy. Facebook adds a query string to the URL that you give it for the privacy policy and since my privacy policy page doesn't do anything with the query string, I didn't check for it in my rewrite rule.
You can check out how Facebook scrapes the page you give it by going to Facebook's Sharing Debugger and putting your URL in the input bar. You can also see the last time that Facebook tried to scrape that URL and tell Facebook to try again once you've fixed any issues. This will get around the caching that was mentioned in user2390340's post.
Facebook externalhit appears to request via the ipv6 address published in DNS if there is one available and won't check on the ipv4 published in DNS.
If your website doesn't have ipv6 enabled it'll return a 404 or 500 and you'll get that error "Bad Response Code: URL returned a bad HTTP response code" for your Privacy Policy URL.
Edit:
Also noted that Facebook caches the URL, I was checking it and getting a "bad response code" error even though there was no hit from their UA in the access logs.
Adding ?stuff onto the end of the URL in the Privacy Policy field bypassed a cache and the access log hits showed up with 200 OK, allowing the URL to be saved.
Not sure if this is related to user2259887's comment about Facebook using IPV6 DNS. But after reading his comment, I was able to work around the validation issue by specifying an IP Address URL instead of using the host domain name URL.
This workaround will not work well if the site IP address is dynamic or change often.
I have been trying to write a bucket policy that will allow (X-HTTP-Method-Override) because my research shows that Facebook loads HTTPS hosted iframe apps via HTTP POST instead of HTTP GET which causes S3 and CloudFront errors.
Can anyone please help me with this problem?
This is what's returned from S3 if I served my Facebook app directly from S3:
<?xml version="1.0" encoding="UTF-8" ?>
- <Error>
<Code>MethodNotAllowed</Code>
<Message>The specified method is not allowed against this resource.</Message>
<ResourceType>OBJECT</ResourceType>
<Method>POST</Method>
<RequestId>B21565687724CCFE</RequestId>
<HostId>HjDgfjr4ktVxqlIBeIlvXT3UzBNuPg8b+WbhtNHOvNg3cDNpfLH5GIlyUUpJKZzA</HostId>
</Error>
This is what's returned from CloudFront if I served my Facebook app from CloudFront with S3 as the origin:
ERROR
The request could not be satisfied.
Generated by cloudfront (CloudFront)
I think the solution should be to write a bucket policy that makes use of X-HTTP-Method-Override... Probably I am wrong though. A solution to this problem would be highly appreciated.
After trying many different ways to get this to work, it turns out that it simply is not possible to make the POST to static content work on S3 as things stand. Even if you allow POST through Cloudfront, enable CORS, change the bucket policy so that the Cloudfront origin identity can GET/PUT etc. it will still throw an error.
As an aside, S3 is not the only thing that balks at responding to such a POST request to static content. If you configure nginx as an origin for a Facebook iframe you will get the same 405 error, though you can work around that problem in a couple of ways (essentially rewriting it to a GET under the covers). You can also change the page (though still static) to be a dynamic extension (.aspx or .php) to work around the issue with nginx.
You can host all your other content on S3 of course, and just move the page that you POST to onto a different origin. With a decent cache time you should see minimal traffic, but it will mean keeping your content in two places. What I ended up doing was:
Creating EC2 instances in an autoscaling group (just in case) to serve the content
They used a cron job to sync the content from S3 every 5 minutes
No change in workflow was required (still just upload content to S3)
It's not ideal, nor is it particularly efficient, but hopefully it will save others a lot of fruitless testing trying to get this to work on S3 alone.
You can set your Cloudfront distribution to allow POST methods.
If you go into your dashboard and edit the Behavior for the distribution
- Then select Allowed HTTP Methods - GET, HEAD, PUT, POST, PATCH, DELETE, OPTIONS
This allows the POST from Facebook to go through to your origin.
I was fighting with S3 and CloudFront for last couple of days. and I confirm that with any bucket policy we cannot redirect POST calls from Facebook to S3 static (JS enriched) contents.
The only solution seems to be the one Adam Comerford mentioned in this thread:
Having a light application which receives Facebook calls then fetching the content from S3 or CloudFront.
If anyone has any other solution or idea it will be appreciated.
you can't change POST to GET - that's the way Facebook loads app page because it also sends data about the current user as POST body (see signed_request for more details). I would suggest you look into fixing your app to make sure it properly responds to POST request.
i've read all the other questions about this subject and so far i can't figure out what's the problem.
The website is http://bowarrow.de and it works fine. Only Facebook has a 403 problem. I added meta tags and i find them in the source code.
Still "Bad Response Code: URL returned a bad HTTP response code." if i enter it here https://developers.facebook.com/tools/debug
I contacted my hoster to ask if it is a mod_security error but they said there is no mod_security on my account.
I use hostgator as a host and host europe for my domain.
I see that this question has been asked before but no solution has been provided.
I am getting nothing but 500 Internal Server Error since yesterday when I use following link:
http://apps.facebook.com/myappID
Yes, I already tried clearing up my cache & cookies so don't even bother asking me this. I have added my app link in the Canvas URL which should show up after I click on the app URL but nothing but that 500 HTTP error. I tried on all browsers and even asked few of my friends too and they said same error.
I thought it was an error on Facebook but I don't see how it's not being fixed for a day now.
Any help? Thank you.
The 500 Internal Server Error is a very general HTTP status code that means something has gone wrong on the web site's server but the server could not be more specific on what the exact problem is.
So its a "server-side" error, meaning the problem is not with your PC or Internet connection but instead is a problem with the web site's server.
Maybe you should contact facebook help center.
I just ran into a similar situation and found that when I reduced the limit in my GET call to 20 rather than 500 the server responded well.
https://graph.facebook.com/v2.0/6558867050/posts?limit=20
I am using Facebook Graph using RestFB. When I am trying to post a URL to Facebook -
http://localhost:8080/demo
I even tried
http://www.wannaget.com/home
This is also not working. Issue was not local or live url. Because this was working previously But now it gives me invalid URL error.
It gives Following response
INFO: Facebook responded with HTTP status code 400 and response body: {"error":{"message":"(#1500) The url you supplied is invalid","type":"OAuthException","code":1500}}
I don't understand the reason why this is happening. Everything is working fine but now I am facing this issue.
The url is not in a valid format. I guess it has to end with an extension, like "http://localhost:8080/demo.html"
A workaround that worked for me (on rails):
I was trying to post on fb the link "localhost:3000/articles/53" with that same error.
To fix it I had the route:
match 'news/article/:id/x.x' => 'articles#show'
and post successfully on fb the resultant link "localhost:3000/articles/53/x.x"
Any real solution is welcome!
The URL you provided is a for a local server running on your machine. Facebook has to be able to access that URL but it can't because it is not on the Internet - it is only accessible from your local computer.
You'll have to give Facebook a real URL that is accessible by their servers...