I'm working on an API to allow posting to Facebook, using Graph API over REST, sending HTTP post requests to https://graph.facebook.com/me/feed (after succesful OAuth2 auth).
I can specify message and link and it posts the link, (but with message ignored?), and I can also include name, caption and description to get those elements handled - so links are ok.
If I use just message or just picture, I get the error:
(#100) Missing message or attachment
If I use message and picture, it posts the message, without any picture. (Which is useful, but not intended behaviour?)
The only way I can get the picture seems to be as a link (which includes it as a thumbnail).
I've looked through the docs but can't find any useful info on this - all the examples are showing links.
My main question is: What is the intended way to post a message without a picture or link?
But it'd also be useful to know if there's a way to post a picture to the wall? (non-thumbnail, with lightbox)
The actual code is more complex, but simplified here to demonstrate the issue.
This was failing:
<cfhttp
result = "local.Response"
method = "post"
url = #Arguments.Url#
>
<cfhttpparam type="url" name="Message" value="#Arguments.Message#" />
</cfhttp>
This worked:
<cfset Arguments.Url &= '&message=' & encodeForUrl(Arguments.Message) />
<cfhttp
result = "local.Response"
method = "post"
url = #Arguments.Url#
>
<cfhttpparam type="url" name="dummy" value="ignore" />
</cfhttp>
(The dummy cfhttpparam is because CF complains if a POST request doesn't contain at least one param.)
Related
I'm trying to learn Sails JS and obviously REST API.
I've created a user model wich I think works fine (it communicates datas with my db). I've also created a signup controller with 4 needed inputs to store a new record in my user collection. (Some other datas are generated by this controller to complete the record at the moment of the registration)
I would like to test this controller with POSTMAN, so I go to my routes.js and see :
'POST /api/v1/entrance/signup': { action: 'entrance/signup' },
But when i enter a POST request at 192.168.1.13:1338/api/v1/entrance/signup with my 4 needed inputs declared I have this answer : Forbidden
I don't know what I do wrong. I've also enabled rest, shortcuts and actions in my blueprints.js
Does someone has an idea ? :)
The issue is indeed related to cross-site request forgery, but disabling the corresponding security rule altogether is quite obviously not a solution. CSRF and its treatment in sailsjs are well described in the corresponding part of the manual. In short, for POSTs to work you have to include _csrf in your requests. E.g. in a view template:
<form>
<input type="hidden" name="_csrf" value="<%- _csrf %>" />
</form>
As said below, removing CSRF protection is not an answer as it may expose the api to a security breach. I currently use JWT but it doesn't seems to be as secure as CSRF token so the only right way is to include the token in every HTTP's request header.
I was debugging open graph for my new website and I have the following error:
Could Not Follow Redirect Path
and
URL returned a bad HTTP response code.
https://developers.facebook.com/tools/debug/og/object?q=http%3A%2F%2Fwww.webcilento.com%2Fsite%2Feventi%2Ffiera-di-prova.html
This error occurs only in calendar section (http://www.webcilento.com/site/eventi/fiera-di-prova.html)
I'm using Joomla 3.2.1
Any ideas?
I think there is an error in the og:url open graph header which you have set.
The URL to your page is http://www.webcilento.com/site/eventi/fiera-di-prova.html but the open graph header says this:
<meta property="og:url" content="http://www.webcilento.com/site/site/eventi/fiera-di-prova.html" />
There is an extra "site/" part in that URL - Facebook is picking this up, visiting that URL which then returns a 404 - hence the "bad HTTP response code" message. If you change that <meta> to the following, it should work:
<meta property="og:url" content="http://www.webcilento.com/site/eventi/fiera-di-prova.html" />
If these headers are added by a plugin or by Joomla itself, then perhaps something is misconfigured? If you provide more information about how you are adding the Open graph headers to the page then we can assist with that.
What acute view! I haven't seen the double 'site' in the url!
Anyway the tag is added by a calendar plugin.
This is the code
// adding current url as url
if (isset($_SERVER['HTTPS'])) {
$protocol = "https://";
} else {
$protocol = "http://";
}
$fburl = $protocol.$_SERVER['HTTP_HOST'].KRequest::root().#route('option=com_ohanah&view=event&id='.$event->id.$itemid);
$doc->addCustomTag( '<meta property="og:url" content="'.$fburl.'" />');
I'll try to debug that variables.
After digging for 3 days came to the conclusion that name servers were configured incorrectly.
I am using Bigrock for the domain and GoDaddy for hosting, by mistake, I configured actual hosting provider host name in "Name Server 3" and "Name Server 4". But Facebook looks for the content in first server "bigrocks-1.com"(wrong server) server but does not find any hosting. Bigrock redirects request to next server "bigrocks-2.com", for which Facebook results into 'Using data from "URL" because there was an error following the redirect path.'.
Hope it may help you :)
This started as a question, but in the process of posting this question, I solved it. So now, this is an FYI post...
==========
At first, whenever I tried to post to this URL, I would get an error message:
https:// www.dwolla.com/oauth/rest/register --> Bad URL
There is no operation listening for
http:// phx-dwol-web1.cloudworks.com/oauth/rest/register, but there is
an operation listening for
http:// www.dwolla.com/oauth/rest/register/, so you are being
redirected there.
I fixed by appending the auth values to the post URL:
https://www.dwolla.com/oauth/rest/register/?client_id={id}&client_secret={secret}
--> Good URL
Then, I was having trouble with request formatting. To fix this, make sure that you post JSON in the BODY of the post. Do NOT append to the URL, or submit as form fields.
Lastly, when I finally got a proper response from the Dwolla API, I was getting this error:
"New user must accept terms of service."
This is because the Dwolla API is CASE SENSITIVE, so the "ACCEPTTERMS" parameter in the JSON body must be submitted as "acceptTerms" in order for it to work.
Here is the documentation I am referencing:
http://developers.dwolla.com/dev/docs/register
Happy coding!
Thanks for the answer...it ultimately led to me solving my problem as well.
For completeness, I encountered this error when sending a poorly formed request to the api, where I had left off the trailing / before the get parameter {oauth_token}.
INCORRECT:
http://www.dwolla.com/oauth/rest/users?oauth_token={oauth_token}
CORRECT:
http://www.dwolla.com/oauth/rest/users/?oauth_token={oauth_token}
<form method="POST" action="/index?key=1">
<input type="text" name="another_key" value="2" />
</form>
When I submit such a form and trying to fetch the GET parameter with CGI->new->param('key'),
it doesn't work..
Can CGI work when both GET and POST parameters exist?
For a POST request, CGI's param method will only get post parameters, but there is an alternate url_param method that will provide the "GET" parameters from the url.
This can be very helpful for file uploads; if the post request is too large, it will be entirely discarded, but the url parameters can tell you what kind of upload it was so you can show the user an error message in the correct context.
According to the Facebook docs, OAuth Device Flow is supported.
However, when I follow their directions on starting the Device Flow process, I receive a status code of 400 (Method not implemented).
Has anyone successfully able to get the Facebook Device Flow process functioning?
curl -X post https://graph.facebook.com/oauth/device?type=device_code&client_id={appId}
<HTML>
<HEAD>
<TITLE>400 Bad Request</TITLE>
</HEAD>
<BODY>
<H1>Method Not Implemented</H1>
Invalid method in request<P>
</BODY>
</HTML>
About your specific error, it seems facebook docs made you do it wrong: FAIL
You must send a POST request, which you're asking cURL to do, but request data must not be part of the URL. Instead, you should use the -d option to specify the sent data and use the URL up to the ? sign, like shown in this superuser question
But! Even if you used the right HTTP method, you'd get an error that reads:
Unsupported type: 'device_code'. Supported types: web_server, user_agent, client_cred, username
Now the best part: this happens unless you use the client_id facebook themselves used for their demo! In that case, you get a 200 (OK) response with the expected code, user_code and verification_uri. Apparently their application is somehow different from those we're trying with. No hint in the app configuration page about this.
By the way, I haven't found anyone claiming to have successfully used facebook's Device Flow, have you?
Here's an example implementation, but I haven't managed to get it working with my own project:
https://oauth-device-demo.appspot.com/
I also encountered the same error.
look this article
http://forum.developers.facebook.net/viewtopic.php?id=105132
it's teach your how set app, but after trying, nothing change~
you can try~