Can't load facebook js sdk from Chrome extension - facebook

I'm trying to use facebook sj sdk in a Chrome extension.
Im doing this on my extension init:
window.fbAsyncInit = function() {
// init the FB JS SDK
FB.init({
appId: 'APP_ID', // App ID from the App Dashboard
//channelUrl : '//www.example.com/', // Channel File for x-domain communication
status: true, // check the login status upon init?
cookie: true, // set sessions cookies to allow your server to access the session?
xfbml: true // parse XFBML tags on this page?
});
// Additional initialization code such as adding Event Listeners goes here
console.log(FB);
};
// Load the SDK's source Asynchronously
(function(d, debug) {
var js, id = 'facebook-jssdk', ref = d.getElementsByTagName('script')[0];
if (d.getElementById(id)) {
return;
}
js = d.createElement('script');
js.id = id;
js.async = true;
js.src = "http://connect.facebook.net/en_US/all" + (debug ? "/debug" : "") + ".js";
ref.parentNode.insertBefore(js, ref);
}(document, /*debug*/false));
I'm getting this error:
Refused to load the script 'http://connect.facebook.net/en_US/all.js' because it violates the following Content Security Policy directive: "script-src 'self' chrome-extension-resource:".
I have the permissiosn in manifest set to http://*/. How can I load the sdk from an extension?

This is because you are trying to load an external script from your Chrome extension. For security reasons to prevent cross-site-scripting you need a special permission in your manifest.json file.
"content_security_policy": "script-src 'self' https://connect.facebook.net; object-src 'self'"
Make sure you use https:// instead of http://.

Related

xfbml form does not render

I am trying to use javascript sdk for rendering a XFBML form on our site and i keep getting
Unable to load the registration form for . You may have previously blocked this app on Facebook. Go to your Facebook privacy settings to unblock this app. (Error: Invalid 'client_id'.)
my app is registered and with correct id.
the code looks like is:
<script>
window.fbAsyncInit = function() {
FB.init({
appId : '118446328234891', // App ID
channelUrl : '//www.sakshum.org/channel.html', // Channel File
status : true, // check login status
cookie : true, // enable cookies to allow the server to access the session
xfbml : true // parse XFBML
});
// Additional initialization code here
};
// Load the SDK Asynchronously
(function(d){
var js, id = 'facebook-jssdk', ref = d.getElementsByTagName('script')[0];
if (d.getElementById(id)) {return;}
js = d.createElement('script'); js.id = id; js.async = true;
js.src = "//connect.facebook.net/en_US/all.js";
ref.parentNode.insertBefore(js, ref);
}(document));
</script>
<script src="https://connect.facebook.net/en_US/all.js#appId=118446328234891&xfbml=1"></script>
<fb:registration fields="name,birthday,gender,location,email" redirect-uri="http%3A%2F%2Fwww.sakshum.org%2FFbValidation" width="530">
</fb:registration>
just to add on if i use non xfbml version using just iframe then all works fine.
Looks like the issue was using encoded redirect_uri. changing it to normal url fixed the issue.
The redirect-uri must match with the setting "Site URL" in your Facebook app.

Facebook authentication API

I'm new to facebook API and I have some questions related to facebook authentication.
I have created an application and have edited the domain and url.
Website Domain
giftme.web44.net
Site URL
http://www.giftme.web44.net/
I used the following on my site webpage:
<div id="fb-root"></div>
<script>
window.fbAsyncInit = function() {
FB.init({
appId : '3347207XXXXXXXX', // App ID (I've replaced for security reasons)
channelUrl : 'http://giftme.web44.net/channel.html/', // Channel File
status : true, // check login status
cookie : true, // enable cookies to allow the server to access the session
xfbml : true // parse XFBML
});
// Additional initialization code here
};
// Load the SDK Asynchronously
(function(d){
var js, id = 'facebook-jssdk', ref = d.getElementsByTagName('script')[0];
if (d.getElementById(id)) {return;}
js = d.createElement('script'); js.id = id; js.async = true;
js.src = "//connect.facebook.net/en_US/all.js";
ref.parentNode.insertBefore(js, ref);
}(document));
</script>
And I've created the page 'channel.html' with only this:
<script src="//connect.facebook.net/en_US/all.js"></script>
Finally I used the login button:
<div class="fb-login-button" >Login with Facebook</div>
What i'm I doing wrong?
I keep getting this error:
API Error Code: 191
API Error Description: The specified URL is not owned by the application
Error Message: Invalid redirect_uri: A URL informada não é permitida pela configuração do aplicativo.
http://www.giftme.web44.net/ is not equal to http://giftme.web44.net/
The redirect_url must contain the Site URL or Canvas URL as defined in your App Properties.
An example would be:
https://api.facebook.com/method/admin.setAppProperties?
access_token=CURRENTTOKEN&
properties={'post_authorize_redirect_url':'http://giftme.web44.net/channel.html/'}
Error code 191
FB App Properties

facebook login js sdk redirect

am trying to use facebook login on my site and here is how i load the sdk
window.fbAsyncInit = function() {
FB.init({
appId : '362869753746986', // App ID
channelUrl : '//WWW.FESTIVEHUB.COM/channel.html', // Channel File
status : true, // check login status
cookie : true, // enable cookies to allow the server to access the session
xfbml : true // parse XFBML
});
// Additional initialization code here
};
// Load the SDK Asynchronously
(function(d){
var js, id = 'facebook-jssdk', ref = d.getElementsByTagName('script')[0];
if (d.getElementById(id)) {return;}
js = d.createElement('script'); js.id = id; js.async = true;
js.src = "//connect.facebook.net/en_US/all.js";
ref.parentNode.insertBefore(js, ref);
}(document));
and the login button
<div class="fb-login-button" data-show-faces="true" data-width="200" data-max-rows="2"></div>
if i click the login button it shows a new facebook window for login and if i do it logs in the problem however are after the login the small new window remains and it blank but if i manually close it and refresh my page the login button is replaced with my FB profile picture so i need that login window to close automatically and i need a callback function so i can take action after the login. NB am working on localhost if its worth noting!
Your code looks OK, but your issue is probably your channelUrl file. The domain on the channel URL, your applications registered URL, and the URL you are trying to login from all have to match. The channel file also needs to have a single line
<script src="https://connect.facebook.net/en_US/all.js"></script>
to work.

Using facebook comments inside facebook app

I am trying to add a facebook comments box using the social plugin to an application which will be running inside facebook as a facebook app.
When I view the app via its url it works fine however when I view the app in the dev facebook app the comments plugin does not load. Does anyone know if this is possible or if there are any additional settings required.
I have tried setting the data-href to the url of where the app is served from and the url of the facebook app neither seem to work
<div class="fb-comments" data-href="[MYDOMAIN]” data-num-posts="30" data-width="470"></div>
The code is just the standard snippet from fb js sdk
<div id="fb-root"></div>
<script>
window.fbAsyncInit = function() {
FB.init({
appId : '[MYAPPID], // App ID
status : true, // check login status
cookie : true, // enable cookies to allow the server to access the session
xfbml : true // parse XFBML
});
FB.Canvas.setAutoGrow();
// Additional initialization code here
};
// Load the SDK Asynchronously
(function(d){
var js, id = 'facebook-jssdk', ref = d.getElementsByTagName('script')[0];
if (d.getElementById(id)) {return;}
js = d.createElement('script'); js.id = id; js.async = true;
js.src = "//connect.facebook.net/en_US/all.js";
ref.parentNode.insertBefore(js, ref);
}(document));
Try providing a channel file and channelUrl.
From the Facebook JavaScript SDK documentation:
"...pages that include code to communicate across frames may cause Social Plugins to show up as blank without a channelUrl..."
FB.init({
appId : 'YOUR_APP_ID', // App ID
channelUrl : '//WWW.YOUR_DOMAIN.COM/channel.html', // Channel File
status : true, // check login status
cookie : true, // enable cookies to allow the server to access the session
xfbml : true // parse XFBML
});

Facebook Multi Friend Selector Dialog failure?

I am getting the following error when I press "Send Request" on my facebook multi friend selector dialog.
Unsafe JavaScript attempt to access frame with URL https://s-static.ak.fbcdn.net/connect/xd_proxy.php#cb=f13538d5d4&origin=http%3A%2F%2Fjoincrowdy.com%2Ff3b62245cc&relation=opener&transport=postmessage&frame=f145be71f&result=%7B%22request%22%3A%22271624056256532%22%2C%22to%22%3A[%22122614229%22]%2C%22updated_frictionless%22%3Afalse%7D from frame with URL http://MYAPP.com/rooms/1. Domains, protocols and ports must match.
I originally was developing on myapp.com:3000 but this error prompted me to try sending app request via production mode (port 80). That did not solve the issue.
NOTE: I added 127.0.0.1 myapp.com in my /etc/hosts Will that result in this error?
This is my code:
function initFb() {
window.fbAsyncInit = function() {
FB.init({
appId : user.fbAppId,
frictionlessRequests: true,
status : true, // check login status
cookie : true, // enable cookies to allow the server to access the session
});
// Additional initialization code here
};
// Load the SDK Asynchronously
(function(d){
var js, id = 'facebook-jssdk', ref = d.getElementsByTagName('script')[0];
if (d.getElementById(id)) {return;}
js = d.createElement('script'); js.id = id; js.async = true;
js.src = "//connect.facebook.net/en_US/all.js";
ref.parentNode.insertBefore(js, ref);
}(document));
}
function attachInviteButton() {
$("#invite").click(sendRequestViaMultiFriendSelector);
}
function sendRequestViaMultiFriendSelector() {
FB.ui({
method: 'apprequests',
message: 'Invite your friends to play now.',
}, requestCallback);
}
function requestCallback() {
}
If you look at the JavaScript SDK documentation you'll see that when they call the FB.init they provide a channel url:
FB.init({
appId: 'YOUR_APP_ID', // App ID
channelUrl: '//WWW.YOUR_DOMAIN.COM/channel.html', // Channel File
status: true, // check login status
cookie: true, // enable cookies to allow the server to access the session
xfbml: true // parse XFBML
});
Which you have not.
In the same page, under the Channel File section there's an explanation of what it's good for and how to supply it.
It says clearly:
The channel file addresses some issues with cross domain communication
in certain browsers
This solution might fix that problem for you.