Is there any way to allow this to work:
Twitter:
<iframe src="https://twitter.com/intent/tweet?text=this is a test"></iframe>
Facebook:
<iframe src="https://www.facebook.com/sharer/sharer.php?u=http://www.google.com"></iframe>
Linkedin:
<iframe src="https://www.linkedin.com/shareArticle?mini=true&url=https://inspirationseek.com/wp-content/uploads/2014/05/Cherry-Blossom-Pretty-Flowers-Pictures.jpg&title=test&summary=test test"></iframe>
https://jsfiddle.net/Lj81z7xa/7/
Refused to display
'https://twitter.com/intent/tweet?text=this%20is%20a%20test' in a
frame because an ancestor violates the following Content Security
Policy directive: "frame-ancestors 'self'". (index):1
Refused to display
'https://www.facebook.com/sharer/sharer.php?u=http://www.google.com'
in a frame because it set 'X-Frame-Options' to 'deny'. about:blank:1
Refused to display
'https://www.linkedin.com/shareArticle?mini=true&url=https://inspirationseek.com/wp-content/uploads/2014/05/Cherry-Blossom-Pretty-Flowers-Pictures.jpg&title=test&summary=test%20test'
in a frame because an ancestor violates the following Content Security
Policy directive: "frame-ancestors 'self'".
Related
I wonder if someone may be able to help.
Recently, we realised we had to get consent for using the Facebook pixel on our site. I have looked at the developer information on Facebook on how to do this, and I can stop the pixel from sending data to Facebook...
What I need help with is allowing the data to be sent if the visitor accepts the cookies in the BigCommerce cookie bar (say for either the analytics or Targeting; Advertising category) ... the code I have so far in script manager to stop sending the data is this (to note I removed our FB pixel ID and replaced with 0's for this example) I tried to connect it to the BigCommerce cookie banner but failed (I was trying to use tag manager but this failed also):
<!-- Facebook Pixel Code -->
<script>
!function(f,b,e,v,n,t,s)
{if(f.fbq)return;n=f.fbq=function(){n.callMethod?
n.callMethod.apply(n,arguments):n.queue.push(arguments)};
if(!f._fbq)f._fbq=n;n.push=n;n.loaded=!0;n.version='2.0';
n.queue=[];t=b.createElement(e);t.async=!0;
t.src=v;s=b.getElementsByTagName(e)[0];
s.parentNode.insertBefore(t,s)}(window, document,'script',
'https://connect.facebook.net/en_US/fbevents.js');
fbq('consent', 'revoke');
fbq('init', '000000000000000');
fbq('track', 'PageView');
</script>
<!-- End Facebook Pixel Code -->
As you can see I added the fbq('consent', 'revoke'); to the code
More info from Facebook here regarding the codes to use: https://developers.facebook.com/docs/facebook-pixel/implementation/gdpr/
Thank you for any help you can offer with this 😃 our site is https://www.wolftucker.co.uk
The BigCommerce consent banner sets a cookie (bc_consent) with details on what the user has consented to. You can use that to decide if you need to do the revoke command.
Alternatively you can add your code using the script manager and set the script category to "Targeting; Advertising". This will remove the script if consent is not given.
Users on my site can login with Facebook from this page: https://www.wonderweddings.com/login
However, I'm getting the error
Can't Load URL: The domain of this URL isn't included in the app's domains. To be able to load this URL, add all domains and subdomains of your app to the App Domains field in your app settings.
I checked these posts to see what I could do:
How to turn off "Use Strict Mode for Redirect URIs" in facebook app
Facebook OAuth "The domain of this URL isn't included in the app's domain"
So I added what I thought were all possible URLs, but I keep getting the same error. Whether I disable or enable "Enforce HTTPS" does not matter. I also tried with "Embedded Browser OAuth Login" enabled and disabled.
https://www.wonderweddings.com/login.aspx
https://www.wonderweddings.com/login.aspx?loggedin=true&scope=email
https://www.wonderweddings.com/login
https://www.wonderweddings.com/login?loggedin=true
https://www.wonderweddings.com:443/login.aspx
https://www.wonderweddings.com:443/login.aspx?loggedin=true&scope=email
https://www.wonderweddings.com:443/login
https://www.wonderweddings.com:443/login?loggedin=true
I also tested if appId or app secret was changed due to saving, but that is not the case either.
I have a copy of this site running on another domain. This domain connects to another app, but other than that has similar settings, only this other app still has the setting "Use Strict Mode for Redirect URIs" disabled. There my code works perfectly. So I'm sure it's something I'm missing on Facebook with these settings.
My settings:
What else can I try?
The login button on your site is currently loading this URL:
https://www.facebook.com/v2.8/dialog/oauth?client_id=143381855734017&redirect_uri=https://www.wonderweddings.com/login.aspx?loggedin=true&scope=email
Facebook receives these query parameters:
client_id = 143381855734017
redirect_uri = https://www.wonderweddings.com/login.aspx?loggedin=true
scope = email
So the callback they are expecting is probably: https://www.wonderweddings.com/login.aspx?loggedin=true
Note that to be safe, the callback parameter should be URL encoded so that special characters are handled correctly (: / ? = all mean something in URLs)
You should change your site so that the link it opens is:
https://www.facebook.com/v2.8/dialog/oauth?client_id=143381855734017&redirect_uri=https%3A%2F%2Fwww.wonderweddings.com%2Flogin.aspx%3Floggedin%3Dtrue&scope=email
There has been Facebook update in October 2017. Use Strict Mode for Redirect URIs is now always enabled in Facebook App dashboard.
Solution in my case was related to that update: make sure that Valid Oauth redirect URIs input contains the same URI as provided in redirect_uri param.
I have a "http" (developer) page, which is enabled for the facebook, its visible from the outside. When I want to debug it with https://developers.facebook.com/, it shows everything OK:
Response Code: 200
Fetched URL: http://my.dev.com/id/3161304
Canonical URL: http://my.dev.com/id/3161304/
Redirect Path:
Input URL -> http://my.dev.com/id/3161304
301 HTTP Redirect -> http://my.dev.com/id/3161304/
I have this site cloned, for testing, https-ed. The result is different:
first, some parameters are missing:
Missing Properties
The following required properties are missing: og:url, og:type, og:title, og:image, og:description
Secondly, the response:
Response Code: 200
Fetched URL: https://my.cloned.site.com/id/3161304/
Canonical URL: https://my.cloned.site.com/id/
Redirect Path
Input URL: -> https://my.cloned.site.com/id/3161304/
rel="canonical" Meta Tag -> https://my.cloned.site.com/id/
it seems that a redirect happens. Why?
I am implementing a Facebook registration page for my site using iframe, as follows:
<iframe src="https://www.facebook.com/plugins/registration?
client_id=<%= FACEBOOK_CONFIG['app_id'].to_s %>&
redirect_uri=<%= FULL_ROOT.to_s %>&
fields=name,first_name,last_name,gender,email"
scrolling="auto"
frameborder="no"
style="border:none"
allowTransparency="true"
width="100%"
height="100%"
data-scope="email">
</iframe>
I am using rails.
When the user clicks on register, he is redirected to the correct page UNLESS I include his email and birthdate, in which case I get:
Request URL:https://www.facebook.com/ajax/connect/registration_widget.php
Request Method:POST
Status Code:500 OK
Request Headersview source
:host:www.facebook.com
:method:POST
:path:/ajax/connect/registration_widget.php
:scheme:https
:version:HTTP/1.1
accept:*/*
accept-encoding:gzip,deflate,sdch
accept-language:en-US,en;q=0.8
content-length:758
content-type:application/x-www-form-urlencoded
etc.
Clearly this has to do with the fact that the user's birthday and email aren't part of his public profile.
i tried requesting these permissions (Added them to my app settings on Facebook) but nothing works.
I need to crack this: how can I register the user, including his e-mail and birthday?
Thanks!
This turns out to have been a Facebook bug that was resolved yesterday.
Still hoping for my $500!
I have ASP.Net application, and want users to access it from facebook via IFRAME
Application is located at:
facebook.tk-osmica.hr/
My setup: (leading http removed to avoid stackoverflow restrictions)
Canvas URL: facebook.tk-osmica.hr/
Canvas Page: apps.facebook.com/dankotestd (raedonly)
in my web.config i did setup API Key and secret,
and "PostAuthorizeRedirectURL=Default.aspx"
i'm getting error:
"error":
"message": "Invalid redirect_uri: Given URL is not allowed by the Application configuration.",
"type": "OAuthException"
I was forwarded to URL:
https://graph.facebook.com/oauth/authorize?client_id=244980988904443&redirect_uri=http://apps.facebook.com/dankotest2/Default.aspx&scope=user_photos
I guess I should have been redirected to:
https://graph.facebook.com/oauth/authorize?client_id=244980988904443&redirect_uri=http://facebook.tk-osmica.hr/Default.aspx&scope=user_photos
but i can't set it up to do so.
What is right configuration?
Thank you!
Are you building a canvas (iframed) app, or a web page that has facebook functionality? If you're building a canvas app, then being redirected to https://graph.facebook.com/oauth/authorize?client_id=244980988904443&redirect_uri=http://apps.facebook.com/dankotest2/Default.aspx&scope=user_photos was correct. Because your canvas app will live at http://apps.facebook.com/dankotest2/Default.aspx.