I'm running a litte webpage with an online game and I want to display the current ranking on the facebook fan page of this game.
So I thought of creating an app, which does nothing else than including the ranking in the app canvas, so that I can use this app on the fan page.
But I have first absolutely no experience with SSL and second do not want to buy a certificate. Is there any possibility of doing what I have in mind without SSL?
It's only importing data into the fan page. There is no interaction with user data, so there is even no necessity for SSL.
Thanks in advance.
You can enter an invalid URL under Secure Canvas URL field in the application settings section.
The problem is that all users who use Facebook's secure browsing won't be able to see your app since they are redirected automatically to the secure canvas URL.
Related
I have read that Facebook requires that iframe pages uses secure connections (SSL).
But I am now setting up my first app and there are two fields, one "Canvas URL" and another for "Secure Canvas URL".
Has the Facebook policy changed? Is it possible to use an iframe with an non-secure canvas url?
Secure canvas urls are not required in these scenarios:
The app is in sandbox mode and you are a developer or someone who can view the app in sandbox mode.
The app is public
and the user of your application has not enabled secure browsing on
their Facebook account.
If your app is live (not in sandbox mode) and you want ANYONE to use your app, the you will need to get an SSL certificate for your server and add the secure URL to your app's settings
Here is a blog post from Facebook about the change they made in October 2011 http://developers.facebook.com/blog/post/2011/09/09/platform-updates--operation-developer-love/
Sorry in advance for my bad english:
Fb policy has changed a lot in the last period.
Actually you NEED absolutly 2 canvas urls:
"standard" canvas (simply, link the host where the app/program is
stored)
secure canvas (you need to buy a facebook certificate for your host where app is stored)
Basically the app works if you have and also if you don't have a SSL certificate, but people who have setted a strong app privacy on their fb accounts, aren't able to see your app
(browser displays an error message: "this website is not secure bla bla, ecc")
Yes, you need a SSL certificate, but you can get 1 free cert in startssl.com.
There are circumstances where I'd like a link to break out of facebook canvas' iframe. For example, if I'm linking to to the apple app store, it seems more prudent to have the link target="_top" or top.window.location.
Are there any circumstances in which it is against fb policy to link out to the top window?
I think you have to do this if you are setting cookies and such. When the user first visits, I capture the signed_request, and send them to a different URL via window.parent.location.
Then once they've authenticated on my domain (where I can set 1st party cookies easily), I send them back into the canvas application to a specific page.
If there's a better way I'd love to hear it.
What is App Domain used for in Facebook Apps?
Somebody had asked the same in What are App Domains in Facebook Apps? but I didn't really get it.
What I am trying to do is "publish actions" from a mobile app. The object to be published must be stored in a separate web page. And the domain of the separate page is supposed to be included in app domains.
Is app domain applicable for Mobile apps as well?
Well AppDomain simply means where is located your application's server side files.
Your application only usable from that domain. Facebook needs data for cross domain and security issues.
Unless you're going to use FB auth for a website you don't need to fill App Domain input.
I encountered the same issue for my mobile app. To fix it, I set the App Domain to my domain. But that wasn't enough because I then got the error:
Error
You have specified an App Domains but have not specified a Site URL or a Mobile Web URL
puurbuy.com must be derived from your Site URL or your Mobile Web URL.
So I had to go one step further and enable "Website with Facebook Login" setting the URL to my homepage, even though I do not have a Facebook login on my website. A terrible work around in my opinion, but it worked.
Because not using Sandbox Mode:
1. Had to establish a category on appdetails page
2. Had to set Website with Facebook Login
3. Then able to set App Domain
Now the debug pulls in the correct information without error.
App domain is not something related to your app or web domain, this is basically a App Store address.
Simply write this line in App Domains.
apps.apple.com
this worked for me.
we have created a Facebook app, but when opening this on a mobile (via Web or iPhone) the page results in a 4oh4 error. I have setup a Mobile Web URL but still (after 1 hour wait) gives a 404.
Do I need to make specific changes on my app?
Please help.
This is expected as #Igy stated. You will need to have a handler to support redirecting mobile users to your apps.facebook.com/ or you can redirect them out of Facebook to your own URL if you are going to try and link to your page directly with an app embedded as a tab.
i.e. point link to http://yoursite.com/redirector
is mobile goes to http://yoursite.com/myapp or http://apps.facebook.com/
non mobile goes to http://facebook.com//app_
Some things to note:
You won't get any page specific data back from facebook on your page (i.e. Liked or Not Liked).
Based on #1 you won't be able to restrict the non-liking app users from a page.
After trying everything under the sun to get Facebook to redirect to a mobile web URL, here is what I needed to do in order to get the redirection working:
Make sure the Facebook application is a canvas application. This gives you the ability to give the application a namespace.
Give your application a namespace so that you can access it through https://apps.facebook.com/NAMESPACE. From here, Facebook will do the detection for you, and if needed, redirect your users to your specified mobile URL.
Make sure your app is NOT in sandbox mode.
If your app is in Sandbox Mode, Facebook won't redirect you to the mobile version you have specified in your app settings.
Facebook does the redirecting for you, you don't have to. Although their version of what "mobile" is and what you deem "mobile" might be different.
So I created a facebook app using iframes, I'm using it as a tab on a facebook page and it works.
But if I use HTTPS, the tab isnt even there.
Anyone know how to fix this?
thanx
Facebook recently enabled the ability for users to set their accounts to use secure browsing (https / ssl). In your application settings > Facebook integration section you now have 2 fields: Secure Canvas URL & Secure Tab URL which in order for your app to work if a user has enable secure browsing, you will need to fill those in. This also requires that the server you are hosting your app on has a valid and configured SSL certificate.
If you are browsing over HTTPS (which is a something a user can now enable in their FB account settings), then the iframe will need to be pulled in over a secure connection too.
This is a known issue (marked as fixed and resolved - http://bugs.developers.facebook.net/show_bug.cgi?id=15200) and, rather than attempting to simply call the same URL over HTTPS, Facebook now provide a separate field under the integration settings for the URL of a secure version of the iframe. If this does not exist, then the tab will not display over HTTPS.
Sergiogx, make sure you filled both fields Canvas Tab URL and Secure Canvas Tab URL. I'm using free facebook page hosting from http://hostfb.com and they also provide SSL support.