Been reading the docs about canvas and secure canvas, mainly due to the requirement that we provide a secure url before october 1. However, I cannot determine with any sense of certainty that we actually need to use a secure canvas.
If we only want to provide the ability for users to "login" and "like", do we even need a canvas? As far as I can tell, a canvas is something that facebook creates an iframe for, which points to a canvas url we provide, which is ultimately displayed on the facebook site.
Any clarification would be appreciated.
Apps accessed via facebook.com (i.e apps.facebook.com/something or via a Page Tab) will need to be accessible over HTTPS - you won't need to make your site to be available over HTTPS for the social plugins or off-Facebook API usage to work
The blog post with the details is https://developers.facebook.com/blog/post/499/
Specifically: All Apps on Facebook (Canvas and Page Tabs) must support HTTPS by October 1.
Related
I've made a website, which relies on Facebook OAuth in order for the user to participate in a competition.
The canvas URL within Facebook differentiates between https://www.mycompetition.com/ and https://mycompetition.com
Our server is set up to receive both entries, but if I enter the site using www, Facebook complains that the URL doesn't match when authorizing.
Do you know how to make Facebook accept both entries?
Solved, by the way. The webserver now contains two websites. The first contains the website, the second one just redirects to the first one, using JS. Easy :)
So here's my use case:
A user sees a cool product on a shopping website (sample-shopping-site.com)
They want to share this product with their friends on facebook
They however want to pass the information to an intermediary site (a-sharing-app.com - that i'm trying to develop), that posts to facebook on my behalf.
My questions:
Is this even allowed by facebook? i.e. can a-sharing-app.com put a widget on sample-shopping-site.com, so that a person visiting sample-shopping-site.com can share on facebook via a-sharing-app.com?
If yes, could you point me to helpful bits on the facebook developers API page?
Just want to clarify: the APIs and most questions/examples on the internet point towards sharing directly from sample-shopping-site.com to facebook, by registering sample-shopping-site.com as an App with facebook.
I however want to register a-sharing-app.com as an App, and then putting a widget of a-sharing-app.com on any page (such as sample-shopping-site.com) allows me to share on facebook by passing information to a-sharing-app.com
As far as I know there is no Facebook guidelines that restrict what you want to achieve, so I may safely say that yes, you can create an app so that a person visiting sample-shopping-site.com can share on facebook via a-sharing-app.com . I can even mention a well know service that is doing the same, Disqus.
How you can implement this feature is a little up to you but may I suggest what Disqus or apps like it are doing is, they use the JavaScript API of Facebook to integrate and are mostly enabled within an iframe that loads content from their domain. The exchange of information between sample-shopping-site.com and a-sharing-app.com is done by the JavaScript loader which loads the necessary iframe then. The other things you would like to check would be Dialogs which you may use for different cases, or you may do it on your own using the FB.api and make API calls to the Graph API for sharing data.
Is wall sharing (performed through the FB JS API) in any form related to the Site URL setting for a given application? Users don't actually log in to our website using the tool - they just share the URLs on their walls via an application we've setup.
We are looking for expert confirmation on the subject as we'd like to change the Site URL in support of a new login provider wrapper (Janrain).
No, you can share urls even if the Site Url is not supplied. But the domain should be listed in the "App Domains" box. This shouldn't be a problem since it supports multiple domains. An example would be both myapps.mydomain.com and myapps.myotherdomain.com are listed there. I think this is ok in your case.
I'm building an app using Backbone.js and a private API that serves assets and JSON.
Most content in the app is accessed through the root '/' and the Backbone router serves up views based on the hash (ie /#about or /#view).
The problem is that when a page is shared to Facebook, it scrapes the main page and seems to disregard anything past the hash mark.
Are there any good rules of thumb for url paths or content that is not highly dynamic to make the app more presentable to Facebook, Google, etc?
Google has some good info on making AJAX apps crawlable.
https://developers.google.com/webmasters/ajax-crawling/
You could create a dummy page on your site with a full URL that is only accessible to the bots that Facebook and Google use. I'm not sure what Google's user agent is, but Facebook's is listed here:
https://developers.facebook.com/docs/reference/plugins/like/#scraperinfo
So you could have a blank page on /item/itemid1/ that is only accessible to the bots, point your og:url tags to that blank page and have the correct metadata on it for the Facebook scraper. Whenever a regular user tries to access it, redirect them back to the correct hash-based URL.
I realize these questions have been asked before on Stackoverflow, but now that FBML is being deprecated, it seems like the answer may have changed.
I have a website that utilizes the Facebook API, which in current terminology I believe makes it a Facebook Platform website. This is now a Facebook Canvas App, which are apps that appear on Facebook itself in iframes.
The Requests Dialog would seem perfect for this, if not for the fact that it's tailored for sending invites for Canvas Apps, and in my case, the Canvas App is simply a blank page assigned to me when I got a Facebook API key. I suppose I could just put a welcome screen and a link on that page for users to click-through, but it's one more click and that much more friction, and a generally hackish approach.
I've found references indicating there was once a way for users to utilize FBML to send an Application Invite, which is not the same as a Request Dialog, such that when a recipient click Accept, they were sent to a URL instead of a Facebook Canvas App. However, as I noted, FBML is in the process of being deprecated.
In light of this, how can a non-Canvas website allow users to send invites to their Facebook friends?
The requests dialog is currently the only supported way. As as alternative you can use the old Facebook REST API to call notifications.sendEmail, which will send the user an email either to their actual email account or their Facebook mail account. That page says that an equivalent graph API method will eventually come to replace this method.
I ended up using the Request Dialog, and hosting on my canvas page a redirect as per:
Redirect User to my Website on a Facebook Canvas Page
Gave the nod still to OffBySome's answer, though, because of his useful information that led me to settle on the Request Dialog.