I have an app that only runs on https. So my Pag Tab URL and Secured Page Tab URL have the same https url.
I have noticed that I get a blank signed request for users who are using Facebook on http.
Is there a way by which I can get the users to see my secured content even when they are accessing facebook from http?
Facebook says that this configuration is not supported by design. Apps must be available via both HTTP and HTTPS.
Source: http://developers.facebook.com/bugs/210713629051920/
Unfortunately it is necessary you always provide a HTTP alternative
for FB users who want to visit your App under HTTP. In your specific
case, in your http endpoint you will be able to display an specific
message to these users encouraging them to visit the HTTPS version of
your App.
Related
I am using Google Analytics Admin API to provision accounts for connected clients as described in docs. When I accept ToS, the redirect URL opens in an iframe in the ToS page instead of a full redirection.
I have added the redirect URL as authorized redirect uri in Google Cloud Platform. I have tried setting redirect URL to point to a page in frontend. I have also tried server-side redirection via API endpoint using Location header but nothing is working so far.
Are there any configuration I am missing so that I can get full redirection back to the app? The docs only specified that redirect URL should handle HTTP GET requests and that it should match a valid redirect uri in GCP.
im a newbie in graph facebook api. I try to get MY_VERIFICATION_CODE by send http request:
link1: https://facebook.com/dialog/oauth?client_id=APP_ID&redirect_uri=https://www.facebook.com/connect/login_success.html
and then Facebook will redirect to http://www.facebook.com/connect/login_success.html? code=MY_VERIFICATION_CODE
but I cant get code from response. I copy link1 to chrome, it redirects to url with a code appended as parameter, but this url stays just for seconds and then it changes to this: https://www.facebook.com/connect/blank.html#=
My question is how to read the code from the redirected uri in a java desktop application?
It's all described in the docs at
https://developers.facebook.com/docs/facebook-login/manually-build-a-login-flow/v2.3#login
Quote:
When using a desktop app and logging in, Facebook redirects people to the redirect_uri mentioned above and places an access token along with some other metadata (such as token expiry time) in the URI fragment:
https://www.facebook.com/connect/login_success.html#access_token=ACCESS_TOKEN...
Your app needs to detect this redirect and then read the access token out of the URI using the mechanisms provided by the OS and development framework you are using. You can then skip straight to the Inspecting access tokens step.
If you have the Save Surfing setting in your account settings in Facebook set to unsecured, you notice you use Facebook via HTTP. Of course if you set it to On, you surf via HTTPS.
Now all Facebook apps are using HTTPS since Facebook doesn't allow apps to use HTTP since October 2011. But if a user (with no HTTPS on their Facebook account) wants to visit the Secured HTTPS App it just gives an empty page.
Is this a bug from Facebook, or?
Now all Facebook apps are using HTTPS since Facebook doesnt allow apps to use HTTP since October 2011.
That’s not true.
All canvas/page tab apps must offer the option to be accessed via HTTPS – but should offer HTTP as well.
But if a user (with no HTTPS on there Facebook account) wants to visit the Secured HTTPS App it just gives an empty page. Is this a bug from Facebook, or?
No, this is an error on your (resp. the app developers) part – in the app settings, there should be URLs set for both HTTP and HTTPS.
If that’s the case, then a user browsing Facebook via HTTP has no problem accessing the app as well.
Facebook App page will get a SSL error when coming from secure hypertext protocol(https)) Facebook account to non secure(http) Facebook App Page, which happens due to lack of SSL Certificate in Facebook App hosted server. I am trying to change base url from httpsto http to avoid SSL error.
Is it possible to change base url from https to http from iframe?
Is it possible to change base url from https to http from iframe?
Even if it is, that’s no solution to your problem – because the iframe content will be pulled over HTTPS first, if the user is browsing Facebook over HTTPS – and since you app does not support HTTPS, this will fail already. So you will not even get to a point where code from your app will be loaded, let alone executed, in this scenario.
You’ll have to get an SSL certificate for your app domain.
I am writing a Facebook Tab application. I have set it up to be dynamic based on the page that the Facebook user is adding our tab to. When developing, all of my requests are coming to my application as POST requests and included the signed_request parameter. As soon as I got this thing on our production server, it started sending all requests as GET nd did not include the signed_request. The only changes that I made prior to launching was to modify the URLs in the Facebook tab settings to point to our server as opposed to localhost. What is going on here? Why is Facebook changing the request type?