I'm using the Facebook Registration Plugin on my site, but I'm getting security errors in Firefox (10) and Safari (5).
I have this code in HTML:
<fb:registration fields="[{'name':'name'}, {'name':'email'}, {'name':'company', 'description':'company', 'type':'text'}]" redirect-uri="http://[url removed]/" width="318" height="360"></fb:registration>
So the redirect-uri is in http. I insert the JS SDK with the code provided by Facebook:
(function(d, s, id) {
var js, fjs = d.getElementsByTagName(s)[0];
if (d.getElementById(id)) {return;}
js = d.createElement(s); js.id = id;
js.src = "http://connect.facebook.net/" + language + "/all.js#xfbml=1&appId=107844832676140";
fjs.parentNode.insertBefore(js, fjs);
}(document, 'script', 'facebook-jssdk'));
Everything works fine in Chrome and IE9, but I get a security warning in Firefox and Safari. In Firefox I get this error message:
"Although this page is encrypted, the information you have entered is to be sent over an unencrypted connection and could easily be read by a third party.
Are you sure you want to continue sending this information?"
In both Firefox and Safari I can press ok and go ahead with posting the form. But how do I get rid of this security message? Does the page I am posting to need to be in https?
Looks like a problem with http and https.
My guess is that your page is over https, but in your code you load the facebook sdk over http, which is not a good idea...
change this:
js.src = "http://connect.facebook.net/" + language + "/all.js#xfbml=1&appId=107844832676140";
to this:
js.src = document.location.protocol + "//connect.facebook.net/" + language + "/all.js#xfbml=1&appId=107844832676140";
Developers complain of getting security warnings in browsers like Firefox and safari. For instance, Firefox gives security warning like -
Although this page is encrypted, the information you have entered is to be sent over an unencrypted connection and could easily be read by a third party. Are you sure you want to continue sending this information?
User can press ok and go ahead with posting the form. However, web developer do not want users' to avoid registration because of this securty warning.
For solution Please refer to:
http://blog.oursocion.com/2012/07/facebook-registration-plugin.html
Related
I'm trying to include Facebook Messenger Customer Chat Plugin in my website, but the plugin is not showing. It was working fine couple days ago but suddenly it stopped working.
I'm getting two types of errors:
1- When I'm not logged in to facebook, I'm getting this error in console:
Failed to execute 'postMessage' on 'DOMWindow': The target origin
provided ('https://www.facebook.com') does not match the recipient
window's origin ('https://web.facebook.com').
I used FB.CustomerChat.show() in the console, and the dialog appears but the error is repeated, and the bubble isn't shown.
2- When I'm logged in to facebook, I'm not getting any errors and the plugin still doesn't appear.
I used FB.CustomerChat.show() in the console, and the dialog appears but and the bubble isn't shown, but this time an Error link is displayed within the bubble's iframe saying:
this plugin requires the use of the Javascript SDK and XFBML
I tried changing the version of the sdk, changing the settings in the facebook app (developers.facebook.com), whitelisting the domain in my facebook page,
tried adding #xfbml=1&version=v2.12&autoLogAppEvents=1 after the url for the sdk..
no luck at all.
window.fbAsyncInit = function () {
FB.init({
appId: app_id,
autoLogAppEvents: true,
xfbml: true,
version: 'v2.12'
});
};
(function (d, s, id) {
var js;
var fjs = d.getElementsByTagName(s)[0];
if (d.getElementById(id)) {return;}
js = d.createElement(s); js.id = id;
js.src = 'https://connect.facebook.net/'+localization+'/sdk/xfbml.customerchat.js';
fjs.parentNode.insertBefore(js, fjs);
}(document, 'script', 'facebook-jssdk'));
To workaround add this to response header:
X-Frame-Options: allow-from *
or
X-Frame-Options: allow-from https://www.facebook.com https://web.facebook.com
Changing the version for Facebook JS SDK to v3.3 and making sure that the Facebook SDK and Facebook MCC SDK are both loaded exactly after the body tag solves the issue.
Update:
There is a bug within the Facebook JS SDK that causes this problem, you can track the issue here:
https://developers.facebook.com/support/bugs/470869643489449/
Facebook enables you to have both friends and followers on the network. Friendship is a two-way relationship -- you can see the updates of your friends, and they can see yours (depending on the privacy settings configured for each post). If you follow someone, this is a one-way relationship: You can see the user's public updates, but that individual doesn't see yours.
i have my own id where new people add me as friend but i on follow option. so new user follow me.is there any way i can get followed number in php.
very thank for luschn helping me
well i found its solution it was very easy hence Facebook doc / FQl not supported this function but getting number of followers is very easy
just
https://developers.facebook.com/docs/plugins/follow-button
my recommendation visit above line mention code is for sample only
Your Plugin Code
Include the JavaScript SDK on your page once, ideally right after the opening tag.
(function(d, s, id) { var js, fjs =
d.getElementsByTagName(s)[0]; if (d.getElementById(id)) return; js
= d.createElement(s); js.id = id; js.src = "//connect.facebook.net/en_US/sdk.js#xfbml=1&version=v2.5";
fjs.parentNode.insertBefore(js, fjs); }(document, 'script',
'facebook-jssdk'));
Place the code for your plugin wherever you want the plugin to appear on your page.
your
profile id place here(you can view this click on your profile copy
url) "
data-layout="standard" data-show-faces="true">
I am trying to figure out if I can give somebody a "sharer" link where they click on it and then make a post to facebook. After they have posted, I wish to be able to verify that this post has not been tampered with or at the very least deleted, lets say 2 weeks from the time it was posted. Is there a way to programaticaly check if the post still exists and get the content of that post?
I know I can do the first part with some javascript such as this:
(function(d, s, id) {
var js, fjs = d.getElementsByTagName(s)[0];
if (d.getElementById(id)) return;
js = d.createElement(s); js.id = id;
js.src = "//connect.facebook.net/en_US/etc...";
fjs.parentNode.insertBefore(js, fjs);
}(document, 'script', 'facebook-jssdk'));
However, is there a way for me to check that what this user has posted still exists after 2 weeks?
This would only be possible by authorizing a user with the publish_actions permission. After that, posting something with the FB.ui dialog will return the post ID in the callback function. Of course you could also use /me/feed to post something then.
But authorizing a user just for this is pointless, it is not allowed to "incentivize" sharing, as you can read in the platform policy. So you are not allowed to reward the user for sharing in any way. Users need to share something because they really want to.
Also, you would never get through Login Review with this, so it´s actually impossible.
I am attempting to use the share button on http://www.desiringgod.org/ on a Mac. It works for me on mobile, and on a desktop, the sharer dialog comes up properly. However, when clicking the Share Link button, dialog shows a short Facebook status bar and then does not respond. After inspecting in the browser's dev tool console, I see an 500 error.
Here's what I see in Firebug.
"POST https://www.facebook.com/ajax/sharer/submit_page/ 500 Internal Server Error"
"NetworkError: 500 Internal Server Error - //www.facebook.com/ajax/sharer/submit_page/"
Is anyone else experiencing this issue? Any ideas on how to resolve?
It seems like a FB issue, but I can't find much else about this online or on FB forums.
Thanks!
I had the same error and realized I was using a wrong app id. I'm not an admin of that faulty app id, so I don't know whether it was some settings in it (perhaps sandboxed) or something else. But changing it will definitely solve the issue for you
This seems to be a bug on Facebook's behalf - as their Like button plugin doesn't require an appId and their Share Button code-generator doesn't include any references to it being required.
That said I've found a workaround that doesn't require signup/AppID-registration.
What I did was simply to copy any existing AppID and stuff it at the end of the sdk.js URL, Like so:
<div id="fb-root"></div>
<script>(function(d, s, id) {
var js, fjs = d.getElementsByTagName(s)[0];
if (d.getElementById(id)) return;
js = d.createElement(s); js.id = id;
js.src = "//connect.facebook.net/en_US/sdk.js#xfbml=1&version=v2.0&appId=XXX";
fjs.parentNode.insertBefore(js, fjs);
}(document, 'script', 'facebook-jssdk'));</script>
(The one I used in place of the "XXX" above, was an App ID from one of Facebook's own sites.)
There seems to be no validation being performed, which again leads me to believe this is a temporary blunder made by Facebook.
I added a facebook like button in my page. The page is rendered by using AJAX.
Here is my code:
$(document).ready(function(){
(function(d, s, id) {
var js, fjs = d.getElementsByTagName(s)[0];
if (d.getElementById(id)) return;
js = d.createElement(s); js.id = id;
js.src = "//connect.facebook.net/en_US/all.js#xfbml=1";
fjs.parentNode.insertBefore(js, fjs);
}(document, 'script', 'facebook-jssdk'));
});
When I access this page via Chrome, Chrome keeps log the error message:
Blocked a frame with origin "https://www.facebook.com" from accessing a frame with origin "site url" The frame requesting access set "document.domain" to "facebook.com", but the frame being accessed did not. Both must set "document.domain" to the same.
Thanks a lot for your help.
I just found this on the facebook developer site:
"This is a warning in Chrome that has no ill side effects
Please check whether you have any extensions installed."
http://developers.facebook.com/bugs/586120791417551/
It may be that you have a content script from an extension that is generating these errors. My site is slo showing several of these errors in the console log. However, the facebook button is operating correctly. I am going to test in a chrome session with no extensions installed.
Is your facebook like button functioning correctly (other than throwing messy console errors)?