How to check which src causes https to be invalid? - facebook

The last couple of days i came across a bunch of https issues (just altering facebook apps to work with https). Now when all files are on the same website everything is easy to alter also using //www.domain.com/etc and ofcourse FB._https = {window.location.protocol== "https"};
is a time saver.
But now i have a file which uses get_file_content('http://www.somesite') and i can find the src that causes the https to be insecure.
Is there some firebug / webdeveloper tab i should look at???? How to find the troubling src??
regards

Can't you look at the net tab of firebug and set it just to show image responses?

Related

Privoxy whitelist faulty on redirect

My problem, in a nutshell, is the following:
I use Privoxy to set up a whitelist of sites in Raspbian Jessie on Chromium. I have Chromium start on boot with the following snippet in lxsession/LXDE-pi/autostart:
#privoxy
#chromium --incognito --kiosk --proxy-server=127.0.0.1:8118
This does work as intended, with every site except the ones I specify blacklisted.
Now I edited /privoxy/templates/blocked so that instead of the usual site it will give me a redirect to a certain site should a link be opened that is not on the whitelist:
<!DOCTYPE html>
(Stuff happens)
Please go back to this site.
example.com being one of the sites I whitelisted. The problem is, it simply redirects me to the "blocked" page again, making me stuck in a loop. Does anyone have a clue why this would be and how I could work around it? I tried using
window.history.back()
however it doesn't seem to work either.
I use Kiosk mode because I want to use this in a context where entereing URL-adresses is not desired, just to clarify my Chromium-call.
Well, I solved it, at least partially. Turns out that I need to add http:// in front of the URL, since it gets added to the already existing URL otherwise. Which is fair, but a bit awkward for me to admit. HTML isn't exactly my forté. Marking it as solved and keeping it, just in case somebody stumbles upon a similar problem.

window.CavalryLogger error in Facebook App running in Facebook Page Tab

I have applications which are displayed as tabs in Facebook pages which have been working fine. They suddenly started displaying this output in the tab:
/1336720089,176820405/
if (window.CavalryLogger) { CavalryLogger.start_js(["EgxV3"]); }
__d("UFIUpdate",
Any ideas what is going on???
Here is a link to one of them: http://www.facebook.com/TweakShoes/app_132692060112327
A temporary solution is to add https:// to facebook itself. This doesn't solve the problem, but it'll allow you to see your page on a per client basis.
The best fix in the longer term until facebook fixes this issue is to go to your account settings > Security > Enable secure browsing. This will enforce HTTPS wherever it can and should resolve the issue for a lot of pages you're trying to access.
Good Luck!
After encountering this issue yesterday, I tracked it down to an apparent conflict with the JS log wrapper included as part of HTML5 Boilerplate's script.js file. In particular, the "make it safe to use console.log always" snippet. After commenting it out, the FB lib error went away and my app displayed properly.
I didn't dig into what the conflict was, but here is the snippet. If you use something similar on your page, then it may be worth investigating.
/* make it safe to use console.log always */
(function(b){function c(){}for(var d="assert,count,debug,dir,dirxml,error,exception,group,groupCollapsed,groupEnd,info,log,timeStamp,profile,profileEnd,time,timeEnd,trace,warn".split(","),a;a=d.pop();){b[a]=b[a]||c}})((function(){try
{console.log();return window.console;}catch(err){return window.console={};}})());
It's probably not a coincidence that FB's own logger bugs out with this.
Facebook has opened a bug for this issue and recently triaged it to medium priority - no word on when it will be addressed.

Unexpected Token ILLEGAL only in Chrome, only on Refresh

Help me Stack Over-flow-nobi, you're my only hope.
I see lots of posts and questions about the 'Unexpected Token ILLEGAL' issue in chrome, but haven't found a solution for my own variety of the problem.
I'm building a Facebook tab that needs to be served https (Facebook policy). It's a page built in WordPress and I'm using the WordPress HTTPS plugin to force my particular page to render with HTTPS.
When I test with regular old HTTP, everything is fine (except for the "unsecure content" warnings, but that's another issue).
When I test with HTTPS, when the page loads the first time, it's okay, but if I hit REFRESH, then I get the ILLEGAL error. It's inconsistent - sometimes it balks on a different file, but something bad happens almost every time.
The page is at http://www.facebook.com/pages/TbkCreative-Leavens-VW-Beta/178151292291863?sk=app_363900450303117
screen shot of error on Chrome console http://tbkcreative.com/sandbox/leavens/files/2012/01/unexpected_token.png
Any insight? I'm banging my head against the wall on this one.
Thanks
Trevor
File this one under the red herrings and wild goose chases.
I'm using a plugin called GD Star Rating on this app. It includes a dynamic CSS file. It was being loaded in with:
<link rel='stylesheet' id='gdsr_style_main-css' href='https://tbkcreative.com/sandbox/leavens/wp-content/plugins/gd-star-rating/css/gdsr.css.php?t=1327595625&s=a10i10m20k20c05r05%23121620243046%23121620243240%23s1pchristmas%23s1pcrystal%23s1pdarkness%23s1poxygen%23s1goxygen_gif%23s1pplain%23s1ppumpkin%23s1psoft%23s1pstarrating%23s1pstarscape%23t1pclassical%23t1pstarrating%23t1gstarrating_gif%23lsgflower&o=off&ver=1.9.10' type='text/css' media='all' />
If I got rid of all of those query arguments, the problem went away. Ditto for if I just got rid of the file altogether. I didn't dig deeper to figure out exactly what was causing the issue, as I was just relieved to figure it out.
I don't understand why this file was causing javascript files down the pipe to be loaded incorrectly. I don't understand why it only happened in Chrome, accessing the page with HTTPS and when I hit refresh. Weird.
But fixed.

Apps>Menu>Basic 405 Method Not Allowed

I am hosting my pages on my doamain. I put the following info. When I go to view the app it shows 405 Method Not Allowed..Not sure what I am doing wrong.
*
The first page load a APP makes is a POST request.
Seems your server could be rejecting them.
Its worth checking the server side error log for further information.
Indeed, it will most probably be a setting on your server. I had the same problem, my server didn't allow POST method on .html pages, changed my canvas page source to .php and all works fine now.
If you can look at your apache logs, it will provide a more clear error that we can help you debug with. Though a 405 error typically signifies a problem with the server and usually stems for a POST request.
I have made the mistake 2 times of creating my site in html instead of using a scripting extension. For example, if you are running on a Windows server and coding in Visual Studio, it is tempting to just create .htm or .html files. However, most web servers will not allow a POST operation to these pages. Instead, create .aspx pages, which will still allow you to use the same exact static HTML and JavaScript. This solved my problem in both cases.

FW/1 URL Encoding Subsystems

I am creating an FW/1 based plugin for Mura CMS, and after I installed it I was getting permanent redirect errors in my browser. I noticed that my URL which should be /plugins/studentms/?action=admin:main.default was being turned into /plugins/studentms/?action=admin%3Amain.default. I don't know what I might have set that is causing that. The template for the FW/1 plugin by Steve Withington works just fine, and when I was developing my app as a normal FW/1 application it worked fine.
If I try to go straight to either the root of the plugin (/plugins/studentms) or directly to the proper URL then it redirects to the URL encoded format.
Anyone have any ideas as to what would cause that?
PS I have tried in multiple browsers.