Blank Canvas Page for iFrame App - facebook

I'm working on an iframe style app that pulls the facebook optimized page available at http://store.starrco.com/?store_mode=facebook. I've done other, admittedly much simpler, iframe apps before without issue but though I've configured this one more or less the same when I try to view the canvas url it remains blank.
My settings can be seen here: http://www.abstraktmg.com/clients/starrco/starrcofbsettings.jpg
I've tried a few different permutations of this with the same results, this is the most complete setup though and most closely matches the settings template I was given.
This page is being generated by Webasyst's shop-script, which is specifically supposed to support this. The obvious answer then is to contact their support which I did, but after assuring them that my app settings matched their template, they said I needed to contact Facebook support and this is as close as I could find to any proper support system.

I checked both http and https versions of store.starrco.com/?store_mode=facebook and both worked outside of facebook.
However, there may be some framebusting code which might prevent the site from being loaded in an iframe. And I see that your settings appear to be missing the app domain entry.

I ran into the same problem, especially in Chrome and Firefox. The problem is, when the user is surfing with https on Facebook, the https Version of the iframe is called. But the browser do not show invalid certificate problems until you to right click page information.
You need to have a signed SSL cert by a CA trusted in the browser.
If the user has accepted it without the iframe - outside of Facebook, it works.

Related

Facebook App - localhost & force https problem

Yet another Facebook app/API post I know, but please read carefully.
For better clarity, I'll add here that we're currently in 2021, March 29, their API has changed quite a lot over the last few months (and might change as well), therefore most answers on StackO aren't working anymore.
Furthermore, IMO their documentations aren't fully updated yet to the current version, and have things that doesn't exist anymore (like Dev/Live mode for ex).
After making sure that my app can work with my localhost by changing:
Settings -> Basic -> App Domains -> 'localhost'
Settings -> Basic -> Add platform -> Website -> 'http://localhost:8000/')
Add Product -> Facebook Login -> leave everything empty
Make sure to run my localhost with localhost and not 127.0.0.1.
It seems that the Facebook JavaScript SDK doesn't work from an http url.
As I'm working on localhost (so not in https) it is quite annoying. After checking the FB documentation and some tooltips in the Facebook login settings, it seems that localhost should work without https enabled. And if that wasn't enough: the Enforce HTTPS button is greyed-out and cannot be turned off anymore.
I also tried to put something in the Valid OAuth Redirect URIs, but the field/tooltip doesn't let you put http://localhost:8000/:
http://localhost redirects are automatically allowed while in development mode only and do not need to be added here.
As mentioned above, there is no such thing as development mode anymore, or at least no button or anything to change or even see the mode on their new interface.
Did anyone managed to make his localhost work with the JS SDK?
Ngrok and other answers are indeed appreciated, but I would like to know first if there is a "real" solution (on FB side) at this problem ("No there isn't yet" is an acceptable answer as it will probably save a lot of time for other people).
Thanks a lot!
Edit: The dev/live mode distinction still exists, but only for apps developed by individual developers. For business apps, they have been replaced with access levels. (see comment, #CBroe)
However, I tried without being in business, but it didn't work either.
It seems like there isn't any solution for my problem on Facebook side, the JavaScript error clearly says:
The Login Button plugin no longer work on http pages. Please update your site to use https for Facebook login.
As the link in the error goes to a blog post (not the documentation) and as I didn't find anything related to that problem in FB doc, well... can't use it in http pages.
Therefore for other people searching for a solution, I would recommend another StackO thread on how to turn your localhost django app to run in https (as I'm working with Django).
For those working with Google Chrome, following the above thread, you'll need to turn off Chrome error about your connection not being private, here is how:
open a new tab
paste : chrome://flags/#allow-insecure-localhost
enable the option 'Allow invalid certificates for resources loaded from localhost.'
Please, feel free to post another solution to my question if there is finally a way to make it work, or an update from FB side later on.

Facebook custom tab not visible to non-logged in users

Pretty much what the title says.
There are tons of questions about this but the vast majority was only a matter of a missing HTTPS URL, a couple are due to misconfigured app restrictions, and the rest are unsolved.
I have no country or age restrictions in my app, I have both HTTP and an HTTPS URLs, I can see the page when logged in as a page admin and everything works fine, but when visiting the page while logged out, I don't see the tab.
Also, this is not a matter of clicking the tab and not having any content displayed, like in some other questions here. If I'm logged in with my The actual tab link is missing and if I copy the tab URL from when I'm logged in and then try to access it while logged out, I am simply redirected to the page.
I don't think it matters much but this is a tab that has been created via the Graph API. The Graph API docs don't mention anything about tab visibility, at least as far as I see.
This is driving me crazy, I've been at it for hours and can't find any solution or even a hint at what the problem might be.
Any ideas?
EDIT: All I described above is happening with our staging application, which has a self-signed SSL certificate. The live application, which has a "proper" SSL certificate, works just fine. Could the self-signed certificate be the cause of the problem?
Had the same issue this morning. Remove any audience restrictions from your app e.g 13 + or location as this means people have to login to see your app.
So it turns out it was stupidly simple: it was happening on our staging application but not on our live application because our live application uses a non-test FB app, while staging uses a test FB app, which is never seen by people who are not developers (or other staff) on that app.
Talk about wasted time...

iframe facebook app with woobox

I recently made a iframe app/page for my FB fan page with woobox. I have 100% SSL hosting, however, a lot of users are saying that they are unable to load this iframe site. Everything works 100% for me and many other visitors, but some are saying that page displays some server connection error. Any ideas? Manye I need to include some FB scripts in order for iframe page to work 100%?
When I load the app with this iframe, connection is secure so SSL shouldnt be the prob. I did however get very cheap SSL, can this be the problem?
Likely what is happening is that while your Facebook connection is secure, the contest in the iframe is still pointing at the http:// version of your page and not the https:// version. Most static iframe apps aren't smart enough to check this, so they serve insecure content on a secure page.
The majority of browsers will be fine with this, but some people might have their browser security settings tweaked a little bit differently and that's probably where you're seeing people unable to access your frame content.
An easy solution is to just have the static iframe app ALWAYS direct to your https:// content, that way, what you're serving is secure whether or not the user is browsing facebook on http:// or https://

vBulletin Facebook App not working from within Page

I have installed the vBulletin Facebook app for a client, and am trying to link the app page from within the sidebar on the Fan Page for the site. However, the page returned upon clicking the link is blank. I think this may be a fault on vBulletin's side (which sadly has little to no debugging facilities that I can see), possibly the referrer does not match the App URL. Has anybody come across this problem before?
Any possible workarounds via Facebook? I have tried setting the Page URL to the apps.facebook.com URL but it didn't work and through a search I've found that it's not the right approach anyway.
Edit: I have also tried iframe within an iframe, like setting the page url to a page and having an iframe in that one. It didn't work, but then again it's fairly obvious why it didn't. The last resort I think would be to see if I could reverse engineer the vBulletin code to ignore referrers or allow a different one (if it's even the problem).
Double edit: Perhaps just a way to send a link off to a new window via the app tab??
Thanks
Is it coming from an SSL site? I think now all fan pages have to come from an SSL site or they will error out. -Buddy

Disable Facebook mobile browser detection?

Does anyone know of a way to disable the mobile browser detection and redirect feature of Facebook via querystring parameters?
For example, if I go to www.facebook.com/CraigslistGenie in a mobile browser, I get redirected to http://m.facebook.com/CraigslistGenie. I would like the user to stay on the www version of the page.
you either change the user-agent to achieve that or you add ?m2w to the link i.e. http://www.facebook.com/CraigslistGenie/?m2w does NOT redirect (tested on Android) while http://www.facebook.com/CraigslistGenie does redirect to http://m.facebook.com/CraigslistGenie
For reference see here and here.
The first answer is correct, however if you want it to work on an Android phone (and keep working when you click on links within the site) you need to go into the browser settings (after you've gone to the http://facebook.com?m2w) and check the "Desktop version" setting.
This will prevent the browser from constantly trying to send you to either the mobile version of the site or the FB app.
Method given by Yahia is good. Adding ?m2w to link means converting mobile to web view.
Or,
Change settings of mobile browser i.e. User Agent. Both Steel and Dolphin browsers allow you to change that setting however. Both are free in the market. (I am not doing any marketing of browsers.)
Some of you may have noticed that, despite changing the User-Agent in the browser, you are still sent to a mobile website anyway. Check this patches given.
Check this huge discussion about tricks used for hiding mobile browser.