I'm developing website with a lot of HTML5 and CSS3 features. I'm also using iframe to embed several content on my website. It works fine if I open it using Chrome/Firefox/Safari mobile browser. However, if I share on facebook (post/page) and I opened it up with Facebook application with Facebook Internal Browser, my website is messed up.
Is there any tools or way to debug on Facebook Browser? Thanks.
This is how you can do the debugging yourself. It's painful, but the only way I've come across so far.
tl;dr Get the Facebook App loading a page on your local server so you can iterate quickly. Then print debug statements directly to the page until you figure out what is going on.
Get a link to a page on your local server that you can access on your mobile device (test in mobile safari that it works). See this to find out your local IP address How do you access a website running on localhost from iPhone browser. It will look something like this
http://192.xxx.1.127:3000/facebook-test
Post that link on your Facebook page (you can make it private so your friends aren't all like WTF?)
Click the posted link in the Facebook mobile App and it will open up in Facebook's mobile browser
Since you don't have a console, you basically need to print debug statements directly to the page so it is visible. Put debug statements all over your code. If your problems are primarily related to CSS, then you can iteratively comment out stuff until you've found the issue(s) or print the relevant CSS attributes using JavaScript. Eg something like (using JQuery)
function debug(str){$('body').append("<br>"+str);}
Quite possibly the most painful part. The Facebook browser caches very aggressively. If you are making changes and nothing has happened, it's because the content is cached. You can sometimes resolve this by updating the URLs, eg /facebook-test-1, /facebook-test-2, or adding dummy parameters eg /facebook-test?dummy=1. But if the changes are in external css or js sheets it sometimes will still cache. To 100% clear the cache, delete the Facebook App from your mobile device and reinstall.
The internal browser the Facebook app uses is essentially a uiWebView. Paul Irish has made a simple iOS app that lets you load any URL into a uiWebView which you then can debug using Safari's Developer Tools.
https://github.com/paulirish/iOS-WebView-App
I found a way how to debug it easier. You will need to install the Ghostlab app (You have a 7-day free trial there, however it's totally worth paying for).
In Ghostlab, add the website address (or a localhost address) you want to debug and start the session.
Ghostlab will generate a link for access.
Copy that link and post it on Facebook (as a private post)
Open the link on mobile and that's it! Ghostlab will identify you once you open that link, and will allow you to debug the page.
For debugging, you will have all the same tools as in the Chrome devtools (how cool is that!). For example, you can tweak CSS and see the changes applied live.
If you want to debug a possible error, you can try to catch it and display it.
Put this at the very top of your code:
window.onerror = function (msg, url, lineNo, columnNo, error) {
var string = msg.toLowerCase();
var substring = "script error";
if (string.indexOf(substring) > -1){
alert('Script Error: See Browser Console for Detail');
} else {
var message = [
'Message: ' + msg,
'URL: ' + url,
'Line: ' + lineNo,
'Column: ' + columnNo,
'Error object: ' + JSON.stringify(error)
].join(' - ');
alert(message);
}
}
(Source: MDN)
This will catch and alert your errors.
Share a link on Facebook (privately), or send yourself a message on Facebook Messenger (easier). To break the cache, create a new URL every time, e.g. by appending a random string to the URL.
Follow the link and see if you can find any errors.
With help of ngrok create temporary http & https adress instead of your ordinary localhost:3000(or other port) and you could run your app on any devices. It is super easy to use.
and as it was written above all other useful information you should write somewhere inside div element (in case of React I recommend to put onClick on that div with force update or other function for getting info, sometimes it helps because JS in FB could be executed erlier than your information appears). Keep in mind that alerts are not reliable, sometimes they are blocked
bonus from ngrok that in console you will see which files was
requested and response code (it will replace lack of network tab)
and about iFrame.If you use it on other domain and you rely on cookies - you should know that facebook in-app browser blocks 3rd party cookies
test on Android and iOS separately because technicaly they use different browsers
Related
We are developing app for affiliate services, CPA networks gave us marketing links (that customers should use to redirect to web shop), however I can't figure it out, how to trigger universal link to open relevant app after redirect is finished.
For example, CPA network gave as a link to Aliexpress, let it be something like this for example
https://ourcpapartner.com/link/to/aliexpress?params
And we open link with following code using url_launcher
if (await canLaunch('https://ourcpapartner.com/link/to/aliexpress?params')) {
await launch('https://ourcpapartner.com/link/to/aliexpress?params');
} else {
throw ('Redirect failed');
}
With Safari, there are no problems, but with Google Chrome nothing simply happens, after opening that link, it instantly redirects to final url - Aliexpress.com, and now it should open app (if it's installed of course), but nothing is happening, however, once you click on something (e.g product) then app is opened and affiliate tracking is messed up.
It does open app as intented if you click direct link on our website.
I might consider to use WebView instead (so it does not depend on third party browser specifications), but how it would be possible to open local apps then? We can't just hard code every app we need to open with deeplink as we got hundred of different offers.
Attempting to load the Facebook MessengerExtensions appears not to work when using the in-browser experience for Facebook messenger (as opposed to the native apps on iOS or Android). When I interact with my bot's persistent menu to open a webview (that is trying to use MessengerExtensions), I get this error in the browser console of a newly opened tab:
Messenger Extensions are not enabled - could be "messenger_extensions" was not set on a url, the domain was not whitelisted or this is an outdated version of Messenger client
I have the impression that MessengerExtensions is simply not supported for the in-browser experience but have a couple of questions:
Can someone find where in the docs this lack of support is stated (because I've obviously missed it if it's there...)?
If this is supported somehow, suggestions for what I might be doing wrong? (I have confirmed that my persistent menu button has messenger_extensions: true and my web_url is whitelisted...)
Is there some kind of workaround (not using MessengerExtensions) for the webview opened in the browser to get the page-scoped user Id (PSUID) for the user interacting with the bot?
For a button generated with the Send API I could conceivably append the PSUID to the URL being opened as a query param (not sure of security considerations on that)
For the persistent menu the web_url of the button action is NOT dynamic (it's configured ahead of time) so I'm unsure how this URL when opened from the browser-based messenger interface is supposed to figure out what user opened it. Thoughts/Ideas?
I've just tried it on the chrome with facebook api version 2.10, and it works. When I clicked on the button, I got a "lightbox" looking window that opened on top of the messenger, and all the proper callbacks are called in javascript.
this is my button json:
{
type: 'web_url',
title: <title>,
url: <url>,
messenger_extensions: true,
fallback_url: <url>,
webview_height_ratio: 'tall'
}
these are a few things that I did:
the button spec should contain messenger_extensions: true
facebook whitelisted_domains doesn't do subdomains, so make sure you whitelist the entire url before the parameters.
fallback_url should be whitelisted as well.
On what browsers or user agents that channel URL is actually used, and what for?
I have no intention of having my site to work on Internet Explorer <= 8 (it is an HTML5 <canvas> game, and I am serving everything else as "application/xhtml+xml").
So, if channel is only useful on that old crap, I can gladly get rid of it...
Related (possibly): Channel URL Facebook
Because the social plugin is cross domain call, it needs a way to communicate. The wrokaround is to include a hidden iframe in the page for that. But, with this workaround, that iframe is loaded every time when page loads and will double the traffic reported. This is why channel url was done. What it does, it load the fb js in that page, and from that moment on, the js is available on your domain.
It will improve your loading times (cache) and will fix the reporting issue (you will see in reports channel page reported separately). But is not necessary for any html5 capable browser.
So, if you are using only HTML5 capable browsers, you are safe to ignore that. I am not sure about ie9, I will try to test it with my app by removing channel url and let you know.
Edit: By removing the channel URL from my app, I start getting double traffic reports from IE9. I think that is a good idea to keep the file there, is is just a simple html file with a single line. Better to be safe than sorry.
We are developing an app that makes posts on behalf of our users to Facebook. Within those posts, we want to put links to external (non-Facebook) websites.
Looking at the links in the status bar of the browser (usually Chrome), the correct URL is displayed. However, Facebook seems to wrap the actually-clicked link into some extra bells-and-whistles. Usually, this works correctly.
Sometimes, however, this URL wrapping ends up sending the click to a URL like:
http: //spywaresite.info/0/go.php?sid=2
(added space to make it non-browsable!) which generates Chromes severe warning message:
This happens very occasionally on Chrome, but very much more often in the iOS browser on the iPhone.
Does anyone have any pointers as to how to deal with this?
EDIT
For example, the URLs we put in the link is
http://www.example.com/some/full/path/somewhere
but the URL that actually gets clicked is:
http://platform.ak.fbcdn.net/www/app_full_proxy.php?app=374274329267054&v=1&size=z&cksum=fc1c17ed464a92bc53caae79e5413481&src=http%3A%2F%2Fwww.example.com%2Fsome%2Ffull%2Fpath%2Fsomewhere
There seems to be some JavaScript goodness in the page that unscrambles that and usually redirects correctly.
EDIT2
The links above are put on the image and the blue text to the right of the image in the screenshot below.
Mousing over the links (or the image) in the browser shows the correct link. Right-clicking on the link and selecting "Copy Link Address" gets the fbcdn.net link above (or one like it). Actually clicking on the link seems to set off some JavaScript processing of the fbcdn.net link into the right one... but sometimes that processing fails.
I'm not 100% sure what you're asking here, but i'll tell you what I know:- are you referring to this screen on Facebook?
(or rather, the variation of that screen which doesn't allow clickthrough?)
If you manually send a user to facebook.com/l.php?u=something they'll always see that message - it's a measure to prevent an open redirector
if your users are submitting such links, including the l.php link, you'll need to extract the destination URL (in the 'u' parameter)
If you're seeing the l.php URLs come back from the API this is probably a bug.
If links clicked on facebook.com end up on the screen it's because facebook have detected the link as suspicious (e.g. for URL redirector sites - the screen will allow clickthrough but warn the user first) or malicious/spammy (will not allow clickthrough)
In your app you won't be able to post links to the latter (an error will come back saying the URL is blocked), and the former may throw a captcha sometimes (if you're using the Feed dialog, this should be transparent to the app code, the user will enter the captcha and the dialog will return as normal)
If this isn't exactly what you were asking about please clarify and i'll update my answer
Rather than add to the question, I thought I'd put more details here.
It looks like the Facebook mention in the original title was mis-directed, so I've removed it.
We still haven't got to the bottom of the issue.
However, we used both Wireshark and Fiddler to look at the HTTP traffic between the Chrome browser (on the PC) and Facebook. Both showed that Facebook was returning the correct URL refresh.
Here's what Wireshark showed:
What we saw on Fiddler was that our server is issuing a redirect to the spywaresite.info site:
We are working with our ISP to figure out what is happening here.
Upon install of my app on a Facebook Page, I'd like to send the user to an URL with further instructions. I'm starting the installation with http://facebook.com/add.php?api_key=app_api_key&page=page_id, which installs but redirects the user to the Facebook Page itself. It seems like various forms of redirect were available at some point:
Post-authorize callback URL. I can no longer find that in App settings.
The next parameter for add.php. I can't seem to get this to work
I have seen some apps that do redirect upon install, so I believe this is possible. Maybe it's using an old Post-authorize setting that's no longer visible?
Any help or point would be greatly appreciated! I'm also not attached to using add.php, if there's a Facebook Connect method that does this I'd use that instead (I'm looking at profile.addtab though that doesn't seem to work either).
You can set the redirect URL in the app properties. You can no longer set it from the developer control panel in Facebook, but you can still set it using the REST api.
The list of app properties is here: http://developers.facebook.com/docs/appproperties/
To set the "post_authorize_redirect_url" you would use something like this:
https://api.facebook.com/method/admin.setAppProperties?
access_token=CURRENTTOKEN&
properties={'post_authorize_redirect_url':'http://mydomain.com/post_authorize_folder/'}
I am not completely clear on this, but I believe the url needs to point to a folder, terminated with "/" rather than a specific file.
The callback gets two parameters:
installed = 1 (true)
fb_page_id = the page id when your app was installed
First page that Canvas is point to should have
< script type='text/javascript'>top.location.href = 'REDIRECT-URL';< /script>
So when your app is opened it will automaticaly redirect to REDIRECT-URL
I'm not sure that you can avoid opening of application canvas page after installing application.