I'm trying to have a Facebook share button which shares the link of the current page. I am using localhost and Facebook is unable to reach my website since I'm using localhost (xampp). Is there any way to get around this? I have seen people mention about using tunnelme, but I don't see a tutorial on how to do it. Any guidance would be appreciated.
My technique to deal with this kind of issue is define some fake domain in /etc/hosts (Linux o MacOS) or C:\Windows\System32\drivers\etc\hosts in Windows.
something like:
127.0.0.1 customdomain.liquidtabs
(Do not use .devel because now is a valid TLD and cause some collisions).
In the last time, I'm using a local DNS server (like dnsmasq) to define multiple custom local fake domains.
Finally, in your Facebook app configuration, you must add your fake domain as an allowed domain to access the API.
In the last time, Google Developers Console requires a valid domain (for example, finished in .com, like mycustomfakedomain.com). I do not remember if Facebook too.
In this case, you must define a "valid" domain and override it in the hosts file. Like:
127.0.0.1 customdomain.local.liquidtabs.com
Now, run your website using your fake domain. You should now be able to access Facebook from the library (or Google or any other domain-restricted library) from "localhost".
Related
I want to create and test an app initially from localhost (were I run Ruby on Rails or Glassfish). I have read many postings about how to do this and NONE work. I have tried all the solutions discussed on stackoverflow and other sites.
Does anyone have a current method that does work (2015)?
Following did not work
1) in Canvas URL http://localhost:3000/users/index/ with and without localhost as domains
2) Tried editing the Advanced tab to add redirect URL to same URL.
What happens is I get a blank screen (I have even tried really simple hello world type apps that run locally so it should work with facebook).
Thank you,
Lynne
you have to configure secure canvas URL for canvas apps . it is mandatory and it has to be a https URL.
edit: This is actually a lot easier than I thought. I found this python script that creates a local https server. The only issue was that facebook is sending a POST request on the canvas page, and this server doesn't support POST requests, so I modified it a bit and now it handles the facebook canvas page correctly.
You don't need a domain, and in the script it tells you how to generate the self signed certificate. In the facebook app settings you can set https://localhost:4443/ as canvas url.
old post:
It is possible but it's a bit of a hassle. You can set a dns to 127.0.0.1 and use that. So if you own example.com, you can create an A DNS record for localhost.example.com and set it to 127.0.0.1.
The difficult part is that you have to find some way to create a certificate for this domain. If you want an official cert, the easiest option out there is Let's Encrypt. Verification of your domain through an https server is going to be difficult, since the Let's Encrypt servers will try to contact 127.0.0.1. So you're probably better of using DNS challenge validation. Another option would be a self signed certificate, which is a whole different story.
The last step is to find a server that can host https and use the certificates you generated.
It seems like this would be really, really easy - but I can't get it to work. All I need to do is to be able to serve files from Google cloud storage while restricting access to my google apps domain. I easily did this before using Google App engine simply by choosing that I wanted to limit access to my domain and setting the app.yaml appropriately. I can't find anything that tells me what I might be missing - I've tried using gsutil to set the ACL to restrict to my domain, which processes successfully through the command line, but then when I try to look at the bucket or object permissions through the cloud web console, I get "unexpected ACL entity type: domain".
I'm trying to access using storage.googleapis.com/bucket/object (of course with my bucket and object name) and I always get a 403 error even though I'm definitely logged in to gmail, and as the administrator of the domain, it seems like it should work because even if the ACL's were otherwise wrong (and I've tried it both with and without the domain restriction), and that it would work for me at least. The only way I can serve content using the above url is if I make it public - which obviously is NOT what I want to do.
I'm sure I'm missing something completely stupid, or some fundamental principles about how this should work - can anyone give me any ideas?
I'm not 100% sure what your use case is, but I'm guessing that your users are attempting to access the objects directly from a web browser. storage.cloud.google.com accepts Google authorization cookies, which means that if a user is logged in to an appropriate Google account, they can access resources restricted to certain users, groups, or domains. However, the other endpoints do not accept cookies as authorization, and so this use case won't work.
These users have permission to access objects using storage.googleapis.com, but doing so requires explicitly authorizing requests.
In othe words, a simple <img src="http://storage.cloud.google.com/bucket/object" /> link will work fine for signed-in users, but using storage.googleapis.com requires explicitly authorizing requests with via OAuth 2.
Can anyone think of a neat solution for this; we operate an website service and sell to large organisations. Rather than have a logon for everyone, we'd like to be able to provide a direct link to our website from the organisation's Intranet page. We'd then like to check the referrer and if it's in our listed of 'trusted referrers', i.e. the intranet url, then we grant logon without asking for credentials.
I'm aware you can do $_SERVER['HTTP_REFERER']; to get the referrer, but I'm also aware that can be spoofed. Can anyone think of how we could achieve what we want, but while also guaranteeing it won't be hackable?
Thanks in advance
It's not exectly what you want, but to make logging on easier and ensure you don't need to store all the passwords you could use, for example, OpenID.
I think that there is no perfect and safe solution for this.
One solution would be to append tokens to the urls. It will work and it will be save, but anyone who knows the link (including token) will be able to login as that organization
Another solution would be to check the source ip. This can be done in different ways *apache, load balancer, app, etc).
Also a combination of token + ip could work (this token for that organization but only if the request comes from allowed_ips for that organization)
A more elegant solution (which I implemented for several big companies) would be to integrate you website login with the active record domain login. It is possible to use the current user window login as login into a website, using domain authorization. If a user is logged in into a domain, when enters your site will automatically login to the website.
This solution is much more easy to implement than it sounds. But, requires Active directory and workstation that connects to a domain to be in the company (this shouldn't be a problem, most of corporations are using windows on workstations and active directory for domain controller). Also is working best on IE only (direct login to the website). On other browsers the domain login popup will appear and user will have to enter again the domain password.
Also, I am pretty sure that can be made to work on linux environments, but I have no idea how.
I am using Facebook Graph API. To set it up, I need to fill out the App Setting on developer.facebook.com.
I need to specify two URLs, one for local testing (localhost:3000), and another for live app. How should I do this?
Thank you.
I need to specify two URLs, one for local testing (localhost:3000), and another for live app. How should I do this?
That’s not possible – at least not if you want to use Facebook login.
You have two options:
Set up a second app for testing. This works quite well, as long as it does not come to things like Open Graph actions which need to be approved by FB and are tied to the app they were are proved for.
Set your local test environment up to be accessible from your local computer by the domain name used for the live site. F.e. when using Apache as webserver, by setting up a corresponding VirtualHost and manipulate your local DNS into resolving the domain to your local IP (via hosts file under windows). Also since your live app will most likely use port :80, you should set up your local server to answer to HTTP requests on that port.
I'm developing an intranet-based web app that integrates with Facebook via the Graph API. I am struggling to get OAuth working, and I think it's because I'm using an IP address rather than a domain.
I've registered three apps with Facebook, one for dev, one for staging and one for live. They are all configured identically, and for each one I've specified the Site URL in the Developer portal accordingly (I've masked some parts - they're real numbers in Facebook):
Dev - http://localhost:XXXX/
Staging - https://192.168.XXX.XXX:XXXX/
The URLs for the OAuth dialog output as you would expect - only the App ID and redirect URL are different on the three systems:
http://www.facebook.com/dialog/oauth/?response_type=code&display=popup&scope=create_event,publish_actions,publish_stream,read_stream,offline_access,manage_pages,read_insights&client_id=XXXXXXXXXXXXXXXX&redirect_uri=http://localhost:XXXX/path/to/redirect
The dev version works fine but staging and live do not - I just get
"An error occurred. Please try later".
Am I right in thinking that Facebook's OAuth doesn't accept using an IP address rather than a domain for Site URL, and if so is there a way around this?
You are correct, you cannot use IP addresses. You can use domains or even subdomains, but IP addresses won't work.