I'm having an issue with forms posting out to https:payflowlink.paypal.com from mobile devices. Instead of returning the hosted checkout page, only a blank page is being served up.
Posting from the same exact form on desktops and tablets brings up the hosted checkout page.
I'm not getting any sort of error message when debugging from mobile safari, just a blank white page.
Are you using SECURETOKEN? If so make sure you pass TEMPLATE=MOBILE in the API call to payflowpro.paypal.com or pilot-payflowpro.paypal.com(test). Once you get a result code of "0" you'll redirect to payflowlink.paypal.com and append the URL with your SECURETOKEN and SECURETOKENID and MODE for example:
https://payflowlink.paypal.com?SECURETOKEN=value_from_API_call&SECURETOKENID=Your_made_up_value&MODE=Test (or Live)
Related
Hi I wan't to create a facebook app to use it for the auth in my new site locally installed(my machine),but from yesterday I don't succeed to install it and use it, all time I have this very strange error when I wan't write a domain in the "App Domains" :
This must be derived from Canvas URL, Secure Canvas URL, Site URL, Mobile Site URL, Page Tab URL or Secure Page Tab URL. Check and correct the following domains
the domain of my application is http://localhost/project/app_dev.php/ it dosn't work I change it by a real url such as : http://www.exemple.com/,but I had the same error,and just I notice that I see this error when I create an app with new look of facebook (yesterday)...
In my case the problem was I hadn't completed the "+ Add Platform > Website" section. Once I did that the contents of App Domains became valid and the error went away.
I had this same problem yesterday, the stackoverflow answers that helped me the most were
Make local development work with Facebook/Google APIs and Canvas URL / Secure Canvas URL error message ( Also checkout How to handle OmniAuth callbacks in multiple environments?)
The Facebook developer UI has changed a bit. I'm writing this answer to consolidate all the info that helped me.
1. Make local.host Point to Your Computer
First thing you need to do is (as answered in the first link), facebook won't take localhost as a valid callback site, because it confuses localhost with a top level domain (com org etc.) in other words there is not dot . in your domain name. So change your /etc/hosts to add the entry
127.0.0.1 local.host
Now youcan access your app at http://local.host/... (this will take effect as soon as you save /etc/hosts file, no need to restart anything)
2. Add local.host as the Site URL on the facebook Dev Console
The second thing you need to do is add local.host as the site url on the facebook page
Now don't use your production app. Add a dummy app on your https://developers.facebook.com account Because your production app will have to set the site URL to your production URL and not local.host
Configure the dummy app as shown in the screenshot. But that website section(shown in the screenshot) won't be visible on the Basic settings page from the beginning.
First you will have to click + Add Platform button at the bottom, and select Website.
Notice I added http://local.host:3000/. That's where my ruby server runs in dev mode.
Also, be sure to use App Id and App Secret for the dummy app when running your webapp in dev mode.
HTH.
My problem was that logging in with facebook wasn't working for my app.
It turned out that I just needed to fill in the "Valid OAuth redirect URIs" field on the "Advanced" tab.
e.g. http://example.com/auth/google/callback
I'd a similar problem, Facebook have changed now on left pane file login (After selecting you app from top left corner) -> Valid OAuth redirect URIs
If you work on desktop app like WPF or winforms and use a WebBrowser Control to log in with the Facebook SDK.
You have to set to yes the Embedded Browser OAuth Login in Advance Tab of your facebook apps setting.
hope I help
Chose "Add platform" at the bottom and give your localhost url. "http://localhost:port/".
After this step. Facebook allows you to add localhost:port as your domain url.
After these 2 steps you can test "login with facebook" without any trouble.
I have a web site already integrated with Facebook login, using server-side authentication.
I have an issue to turn it into an application running under Facebook.
The problem is that Facebook does not show the authentication page at all
Therefore, I am not even getting to the server authentication process for real.
Right now, the application is running on my local machine.
My app is defined as Facebook Application: (adding blank before localhost for site security purpose only)
Canvas URL: http ://localhost:4300/fbopt/
Secure canvas URL: https ://localhost:4303/fbopt/"
[same problem happens when running in a Sandbox, without Secure URL]
I have a "fan page" with "Go to App" button there.
Pressing a button leads me to the URL:
https://apps.facebook.com/[appid]/?fb_source=timeline
The browser starts loading the page with the frames.
The lower frames makes the POST request to the URL I provided.
My application redirects the page to the following URL:
https://www.facebook.com/dialog/oauth?client_id=[appid]&redirect_uri=https://localhost:4303/fbopt/hook&scope=email,user_location,user_birthday
I would expect Facebook to show up the application authentication form, with the permissions required.
Unfortunately, this does not happen. An empty page is shown within the frame, HTML is empty!
I see (from the Chrome network debugger) that the URL is indeed accessed, but the response is with HTTP 200 status (not error), but no response data. Instead, getting
X-Frame-Options: DENY
response header - rendering denied within frame! Why?
When loading the URL above "manually" outside the Facebook frames structure, I do get the authentication screen with the right permissions.
I wonder what is missing to get it work with canvas.
Any hint on what I should add, or how to debug such a problem - will be appreciated.
Thanks ,
Max
Looks like me fundamental problem was that I was trying to redirect the whole page, instead of making a frame redirection.
Started here:
Blank Canvas => 'Refused to display document because display forbidden by X-Frame-Options.'
Went here:
https://developers.facebook.com/docs/howtos/login/login-for-canvas/
It says:
Because your application is being loaded in an iframe, returning a 302 to redirect the user to the Login Dialog will be unsuccessful. Instead you must redirect by setting the Javascript window.top.location property, which causes the parent window to redirect to the Login Dialog URL
This was probably my major mistake.
Max
Do you have iframe in your app? Sending X-Frame-Options with content DENY is Facebook's way to fight with clickjacking. More info:
http://darklaunch.com/2010/11/09/facebook-s-anti-clickjacking-techniques
adding an iframe to facebook does not work anymore since ~2 weeks
I've had the same issue. 302 Redirect works because I use a lot of those but you cannot redirect to a facebook domain for any reason. If you want you can do a top redirect via javascript. What I did is I created an html that accepts a url and it loads it in top.location then redirects back to apps.facebook.com. With X-frame most probably because you have a AntiForgeryToken (if using .net) because this would insert xframe sameorigin in the header. You can disable this with
AntiForgeryConfig.SuppressXFrameOptionsHeader = true;
I will try to explain a bit the context for my problem.
Context:
A while ago I started working on Facebook application. One of the requirements is to be included in a Facebook page as a tab. This application will contain on a page a send button in order to be able to make it more engaging with specific people, users of the application would choose on their own. The reason behind this is because the Facebook page containing the application is related to alcohol, and "liking" the application will get more audition and potential children. Another reason for using send button rather then other similar options from Facebook (like send dialog etc.) is because in Facebook documentation was stated that send button works on mobile devices and other options don't.
Problem:
My problem is related to the send button. What I need is to be able to completely configure the send button: url, image, title, description. I have research the open graph tags in order to be able to do this. Everything works fine if the page I want to be sent with the message is a website OUTSIDE Facebook. Once I started to use the url of a Facebook page (let's call it www.facebook.com/mycustompage), then the crawler takes the images, title, description from facebook.com ignoring the actual page and the produced message is not what I want.
I have searched a lot to better understand this limitation and could not find anything relevant.
The only article I could find as a potential solution was (and even this I had trouble finding):
Send button returning error codes, like button works fine
The above discussion is a workaround which I have already put in place but is not 100% what I want. The described workaround is about putting in the send button:
<div class="fb-send" data-href="http://www.mycustomdomain.com/og"></div>
a page that sniffs the user agent. In case the user agent is Facebook crawler to serve an html empty page just with the open graph tags, otherwise redirect to the desired URL - which in our case is the facebook page www.facebook.com/mycustompage.
The message produced contains:
the title which is a link to www.mycustomdomain.com/og which when
clicked opens a page in a new tab with the address
www.facebook.com/mycustompage - this is relatively ok
under the title I have a "sub-title" readonly text containing the domain of the link: www.mycustomdomain.com - THIS IS NOT OK since I don't want to share where I have hosted the application.
the image and the desired description - this is ok.
Conclusion:
What I want to know if there is a better way to do this rather than this workaround.
If not I would like to know how I can hide for the produced message the "sub-title" so that the hosted domain is not visible.
I have an application running in an iFrame that is embedded in a SharePoint site. The problem with this is navigation within the application does not result in a change in the SharePoint site URL. Therefore, if you were to refresh the overall page, you would be sent back to the default page of the application, not stay on the same page of the application. The reason this is an issue is sharing for social media. I have added a Facebook Share button to the application, but when it pulls the URL of the application which does not match or reference the URL of the overall site, so it just shares the application (which is not visually appealing and does not allow you to access the rest of the site).
Any body have any suggestions or know a place I can go for help? Thanks!
If I understand properly, the Facebook stuff is INSIDE the iframe?
If so, you can:
* Remove the iframe and integrate the application better with SharePoint, or
* Change the application so that it detects that it's running "alone" (with javascript etc), and if so redirect to the "big" application.
IF the Facebook stuff is in SharePoint, OUTSIDE of the iframe, you can write some javascript to update the URL in some way that matches the URL of the application. This requires that the SharePoint parent application and the iframe application run in the same domain - if they are not, this is not an option.
Note that changing the "parent" URL with JS will reload the page, UNLESS you only change the URL after the "#" part (so you can do something like:
"http://sharepoint/iframe.aspx?aa=11&bb=22#iframeUrl=http://uglyapplication/"
You'll also probably want to write JS to update your iframe accordingly if the user press "back"/"forward" etc in the browser, because changing the URL like above will still add a "step" to the browser history.
I'm getting a strange issue only Chrome + Firefox. It doesn't repro on IOS or IE9.
Here's the repro:
Load Home page http://example.com
Login (via a rel="external" hyperlink). In my case I use Facebook's Oauth Server Side flow - so this URL is a facebook.com.
Facebook accepts the user's credentials and then redirects to http://example.com/user/callback. Here various facebook data is processed (it is provided in the query string).
The server side code at http://example.com/user/callback then redirects the user to http://example.com. The mechanism used for the redirect is a RedirectToAction from ASP.NET MVC3. This returns a 302.
Expected Result:
User would see a URL in their browser = http://example.com and the content all nicely shown. This works on IE and Safari.
Action Result (on Chrome Only)
User gets a URL in their browser = http://example.com/#base_domain=example.com
The actual page is blank (no visible content)
However a view source reveals that the content is present.
Action Result (on Firefox Only)
User gets a URL in their browser = http://example.com/#_=_
The actual page is blank (no visible content)
However a view source reveals that the content is present.
Additional Info
If I enter the URL http://example.com/#base_domain=example.com into IE I get the same 'hidden' content (i.e. blank page with HTML source still present).
I should also note I use the RedirectToAction/302 redirect technique in other parts of the application with no issues whatsoever.
The issue also repros with AJAX navigation turned off.
EDIT: This also works on Safari (OSX + Windows) with no issues. It's only apparently broken on Chrome + Firefox on both Windows and PC.
IOS/Safari: OK
Win/Safari: OK
Win/IE: OK
Windows Phone Emulator: OK
Win/Firefox: borked
Win/Chrome: borked
OSX/Safari: OK
OSX/Firefox: borked
OSX/Chrome: borked
Not sure about Android.
The best solution appears to be setting the Push State and Hash Listening to false - so chrome/ff completely ignore them. I already had AJAX navigation disabled (there some interesting behaviours with it I hadn't completely accounted for yet with my server side code).
$.mobile.pushStateEnabled = false;
$.mobile.hashListeningEnabled = false;
I'll probably wait for 1.1 and stabilise the rest of my code before trying to get AJAX navigation working.