Facebook Share Button breaks my SSL/HTTPS connection in Chrome. Chrome is displaying a red HTTPS with a (/) slash displaying acroess the https.
Its states:
Your connection to XXXXXXXXXX.com is encrypted with 256-bit encryption. However, this page includes other resources which are not secure. These resources can be viewed by others while in transit, and can be modified by an attacker to change the behavior of the page.
The connection uses TLS 1.0
The connection is encrypted using AES_256_CBC, with SHA1 for message authentication and DHE_RSA as the key exchange mechanism
The connection is not compressed.
How can I fix this issue? My code for Facebook is listed below:
name="fb_share"
share_url="https://mysexywear.com/product_details.php?prodId=<?php echo $prodId;?>&catId=<?php echo $catId;?>"
href="https://www.facebook.com/sharer.php">Share
src="http://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"
Try using a relative protocol, like so:
name="fb_share" share_url="//mysexywear.com/product_details.php?prodId=&catId=" href="//www.facebook.com/sharer.php">
try this url ;)
https://facebook.com/connect.php/js/FB.Share
src="https://static.ak.fbcdn.net/connect.php/js/FB.Share" type="text/javascript"
Surely that would work?
use this codes:
<script>
function fbs_click()
{
u=location.href;
t=document.title;window.open('http://www.facebook.com/sharer.php?u='+encodeURIComponent(u)+'&t='+encodeURIComponent(t),'sharer','toolbar=0,status=0,width=626,height=436');
return false;
}
</script>
<style>
html .fb_share_link {
height:18px;
display:block;
float:right;
margin-top:1px;
width:57px;
background:url(https://www.kiraguru.com/images/fbshare.png) no-repeat top left;
}
</style>
<a rel="nofollow" href="http://www.facebook.com/share.php?u=<;url>" onclick="return fbs_click()" target="_blank" class="fb_share_link"></a>
Change the " https://www.kiraguru.com/images/fbshare.png " field and change style code for your custom design.
!!! Important -> You have to use https:// for share button image.
Thanks.
Referencing this link to the Share Button JavaScript code will return a Security Certificate error warning in each of the major web browsers:
https://static.ak.fbcdn.net/connect.php/js/FB.Share
Until Facebook resolves the issue it is not possible to acheive a satisfactory user experience that uses the JavaScript-implemented Share button within a website served over https.
I'd suggest one of two workarounds:
1) Implement a "fake" Share button by creating a Share URL and applying it to an image:
<a href="https://www.facebook.com/sharer.php?u=http%3A%2F%2Fwww.your_url_encoded_webaddress.com" target="_blank">
<img src="../images/Share_Button.png" border="0" />
</a>
2) Use one of Facebook's non-deprecated Social Plugins ("Like" or "Send") to achieve similar functionality. Both of these are still fully supported and work over https:
http://developers.facebook.com/docs/plugins/
Related
I am trying out serving DFP ads in email. I'm following the guidelines here.
I have an ad unit set up just for email
I have a line item targeting that ad unit with just an image creative
The line item doesn't have any targeting restrictions or anything like that
The ad will show up in the email, at least the first time. The strange thing that I'm seeing is, after the first click, clicking on the ad again will often bring me to a blank page rather than the click-through page of the creative. Also, when I reopen the message, occasionally the image will not load. The code in the email looks like this:
<a href="https://pubads.g.doubleclick.net/gampad/jump?iu=/{my_pub_id}/300x250_email&sz=300x250&c={cachebuster}&tile=1">
<img src="https://pubads.g.doubleclick.net/gampad/ad?iu=/{my_pub_id}/300x250_email&sz=300x250&c={cachebuster}&tile=1" />
</a>
We've solved this by turning off cookies in the standard tag using the co= option; adding co=1 to the tag.
<a href="https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/{my_pub_id}/300x250_email&sz=300x250&c={cachebuster}&tile=1">
<img src="https://pubads.g.doubleclick.net/gampad/ad?co=1&iu=/{my_pub_id}/300x250_email&sz=300x250&c={cachebuster}&tile=1" />
</a>
The only problem (for us) that this creates is that we're unable to serve 3rd party tags, even ones that resolve directly to .gifs, using the standard tag.
Had the same problem and I solved it by using script to redirect click via script on my web server where ad is shown again so that all the cookies can be set.
Link looks like this:
http://www.mysite.com/dfpclick.php?adunit=mailing&cbuster=1369608725
Script dfpclick.php:
<?php
/* Google DFP url redirect*/
if ($_REQUEST['adunit']) {
$sUrl = 'http://pubads.g.doubleclick.net/gampad/jump?iu=/%mygoogleid%/'.$_REQUEST['adunit'].'&sz=1x1&c='.$_REQUEST['cbuster'];
}
?>
<html>
<head>
<meta HTTP-EQUIV="REFRESH" content="0; url=<?=$sUrl?>">
</head>
<body>
<?php
if ($_REQUEST['adunit']) {
echo '<img src="http://pubads.g.doubleclick.net/gampad/ad?iu=/%mygoogleid%/'.$_REQUEST['adunit'].'&sz=1x1&c='.$_REQUEST['cbuster'].'" width="0" height="0" border="0" style="width:0px; height:0px;" alt=""/>';
}
?>
</body>
</html>
It turns out that DFP for small business requires cookie support to work, even when using the non-JavaScript method of calling ads. So it works fine in web-based clients like Gmail, but it doesn't work in Outlook and the like. DFP Premium can supposedly serve ads in email without requiring cookies.
Using the co= option doesn't work for DFP Small Business. My workaround is:
Use the same code for img <img src="https://pubads.g.doubleclick.net/gampad/ad?iu=/{my_pub_id}/300x250_email&sz=300x250&c={cachebuster}" />
And build a redirect link on your website <a href="http://yourwebsite.com/adunit/300x250_email">. This page reads and filters the response from http://pubads.g.doubleclick.net/gampad/adx?iu=/{my_pub_id}/300x250_email&sz=300x250&c={cachebuster} in order to get the click-tracking link using javascript link=$(xmlDoc).find('a').attr('href'); and redirect.
This workaround doesn't work for rotation (more than one creative/line item is competing for the same ad unit at the same time).
I'd like to know how to serve email ads in rotation using DFP SB
I've been working on a problem for the last day and a half now and have still yet to find a solution.
When visitng my game on facebook (which is in facebook's iFrame) php sessions don't work. This is for IE and Safari. Chrome works fine.
I've already read all the posts on stack about this problem, which seems to be down to third party cookie security and needing interaction with the iFrame first. There was a workaround by making javascript post some form data to the iFrame first, but this seems to have been 'fixed' in the latest versions of the browsers very recently as this no longer works.
I even tried implementing a start page that would require them to click a link first (in the iFrame) to load another page which would then create the session. But even THAT doesn't work.
I'm also having trouble even loading new pages in the iFrame using javascript, which seems to always cause infinite loop refreshes.
And no, P3P headers do NOT solve it.
Does anyone have a solution to this problem? I can't be the only one with it, considering how many facebook apps exist!
I came across this problem using a client that had "Accept third party cookies" disabled. My solution was to force PHP to embed the session ID into the URI by putting this line at the start of each page:
ini_set('session.use_trans_sid', true);
As the URLs are in iframe within Facebook the SID is not seen in the top window.
For IE, you will need the P3P Headers set. Something like:
<?php header('P3P: CP="CAO PSA OUR"'); ?>
Safari blocks 3rd-party cookies by default. Currently, the only work-around that is working for me is to "pop-up" a new window to set the cookies. I have something like this:
<script type="text/javascript">
function safariFix(){
if (navigator.userAgent.indexOf('Safari') != -1 && navigator.userAgent.indexOf('Chrome') == -1){
window.open('https://yourdomainname.com/safari.php', 'Safari Fix','width=100,height=100');
}
}
</script>
And safari.php will have this:
<?php
setcookie("safari_test", "1");
?>
<!DOCTYPE html>
<html lang="en">
<head>
<title>Safari Fix</title>
<script src="//ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js"></script>
</head>
<script type="text/javascript">
$(document).ready(function(){
window.close();
});
</script>
<body>
Since Safari does not accept third-party cookies by default, we are forced to open this window.
This window will automatically close once we have set the cookies.
</body>
</html>
PROBLEM: This won't work if users have "block pop-ups" enabled in Safari. If anyone has a better solution for this, inform me ;)
anyone notice the will cause your https:// to be unsecure??
When i directly point the browser to https://.../myfb_app/ the file isn't parse as secure if i have the
<div id="fb-root"></div>
somewhere in the file.
but when i remove
<div id="fb-root"></div>
, the whole file does parse as secure.
What is the cause and how can i fix this?
Any suggestions??
Regards
This should answer your question: Facebook JavaScript SDK over HTTPS loading non-secure items.
In short, add FB._https = true; before FB.init to force Facebook load files over secure connection.
According to the Facebook developer roadmap, it will soon be possible to put iframes inside page tabs but it's not yet available. I came across this Store Locator on Coach page which uses an iframe to display a Google map inside a tab :
http://www.facebook.com/Coach?v=app_168904438199&ref=ts
Looking at the source code, I see the map really is inside an iframe. How is this possible?
in STATIC FBML pages you CAN'T USE IFRAMES - no matter what FBML code you put in there, facebook have specifically made the code not work in in business page/tab static fbml pages - my guess is so they can prevent people setting up Amazon stores or other content that uses IFrame (spammers and spyware often use iframes) - the updates are in their 2010 wiki - so it's probabley also a security thing.
I frames can still be used on developers canvas pages apparently but the customer has to click on an image for it to activate rather than the iframe automatically loading - again this is probably a security issue to prevent driveby downloads - where zwinky and similar toolbars are forced onto people computers in the background via iframes without their knowledge.
However some say it does work although you need a user to click on it before it works. if you can live with that then go for it.
<a onClick="outside_location.setInnerFBML(location_two);" style="cursor: pointer;"><center>→our website</center></a><div id="outside_location"> <fb:iframe width="730" height="400" frameborder="0" src="http://www.fborder.com/" /> </div>
<fb:js-string var="location_two"> <fb:iframe width="730" height="600" frameborder='0' src='http://www.fborder.com/' /> </fb:js-string> <script type="text/javascript" charset="utf-8"> var outside_location = document.getElementById('outside_location'); </script>
check out this post. people have got it to work. and some say it wont work for the obvious reasons. such as security and so on. but give it a go regardless.
http://www.facebook.com/topic.php?uid=4949752878&topic=7081
PK
Hey guys, I have developed a small site that i would like to embed into a tab on a facebook page.
Previously I used this code to load in an iframe, it worked great:
<a onClick="outside_location.setInnerFBML(link_1);" style="cursor: pointer;">Link 1</a> | <a class="red" onClick="outside_location.setInnerFBML(link_2);" style="cursor: pointer;">Link 2</a>
<div id="outside_location"></div>
<fb:js-string var="link_1"><fb:iframe width="760" height="1280" frameborder='0' src='http://www.WebWhispers.in' /></fb:js-string>
<fb:js-string var="link_2"><fb:iframe width="760" height="1280" frameborder='0' src='http://google.com/' /></fb:js-string>
<script type="text/javascript" charset="utf-8">
var outside_location = d
document.getElementById('outside_location');
</script>
However, it has stopped working. I dont think facebook allows iframe inside of pages, only applications.
How can I load this page in without learning FBML? The site uses Jquery so I cant use FBML anyway.
I know applications can use iFrames, can I make it an application and then embed the application into a page tab somehow?
No. Tab pages can not contain iFrames. They must be written using FBML and FBJS.
One reason for this is that Facebook does not want to enable Tab pages to detect who looks at them. All requests (including images) on tab pages are proxied through Facebook for this reason. If iframes were allowed then the application would be able to detect who looked at it, which would present a privacy issue for Facebook users.
This is either a policy change by Facebook or, more likely, a bug. I say it's unlikely to be a policy change as it throws a script error, whereas a policy change would more likely strip the code out before it's rendered.
There's a bug report you can add votes to and follow here.