I'm trying to access/login to Facebook with a program (OverbyteIcsHttpTst.exe) compiled with Delphi using the component ThttpCli (ICS-SSL, which is the latest version that supports https).
The idea is that I want to to access Facebook just like an ordinary browser does.
For example, I tried to login by using "post" to send some data to Facebook with the following code:
https://login.facebook.com/login.php?login_attempt=1
POSTDATA=charset_test=%E2%82%AC%2C%C2%B4%2C%E2%82%AC%2C%C2%B4%2C%E6%B0%B4%2C%D0%94%2C%D0%84&locale=en_US&email=yourmail%40yahoo.com&pass=yourpassword&charset_test=%E2%82%AC%2C%C2%B4%2C%E2%82%AC%2C%C2%B4%2C%E6%B0%B4%2C%D0%94%2C%D0%84&lsd=XAN99
CooKies : datr=1281135108-ea5c44949be49439183341b84db24aeb6c589ca1d31dc0c0da28d; expires=Sun, 05-Aug-2012 22:51:48 GMT; path=/; domain=.facebook.com;lsd=0ygNR; path=/; domain=.facebook.com;reg_fb_gate=http%3A%2F%2Fwww.facebook.com%2F; path=/; domain=.facebook.com;reg_fb_ref=http%3A%2F%2Fwww.facebook.com%2F; path=/; domain=.facebook.com
But I'm still stuck on the main page. Is anything missing?
Thanks.
see if this helps you at all
https://forums.embarcadero.com/thread.jspa?threadID=33184
Related
I have a Perl script which Logs in the user. After the user logs out, I am able to go back to the login page by pressing the back button. How can I prevent the user from doing so. The user should be prompted to login again after logging out. Also, after logging in when I press the back button the page redirects me to the login where logging in again should be mandatory.
In short the user should not be able to access the protected pages unless he authorizes.
A JavaScript solution from http://jakub.fedyczak.net/post/force-page-refresh-on-back-button/:
Put <body onunload=""> in your HTML output
Headers to set, as suggested by Quora's Adam D'Angelo:
Cache-Control: private, no-store, max-age=0, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
In general,you should have some logic on the page that checks if the session is active/present and perform either a redirect (302, 307, etc...) that will send it to a login/authentication page, or a forbidden/authentication error (403, 401, etc...). That in addition to what #mob mentioned already, which will cause the browser to expire its local cache for that page.
in the past few days I started encountering a problem while trying to post to facebook...
For information about my project, I use Unity3D with the social networking plugin from Prime31 for iOS.
Initially, the user is required to login then confirm that the app is allowed to post on the user's timeline.
This happens without flaw and I get response that everything happened properly, until I attempt to post to the timeline. Then I get a 500 internal server error.
here is the error the facebook api gives out:
response error: 500 internal server error
response text:
Response Headers:
ACCESS-CONTROL-ALLOW-ORIGIN: *
EXPIRES: Sat, 01 Jan 2000 00:00:00 GMT
CONTENT-TYPE: application/json; charset=UTF-8
WWW-AUTHENTICATE: OAuth "Facebook Platform" "unknown_error" "An unknown error has occurred."
X-FB-REV: 1102018
CONNECTION: keep-alive
PRAGMA: no-cache
CACHE-CONTROL: no-store
DATE: Thu, 30 Jan 2014 15:07:54 GMT
CONTENT-LENGTH: 87
X-FB-DEBUG: q453qH5ianbIOyeof0X0Ah0PDpAlkxW9+OxLBusy2do=
and the function i am using to post to facebook is:
Facebook.instance.postMessageWithLinkAndLinkToImage(Message, URL, URLName, ImageURL, Caption, completionHandler);
I do make sure that the user is properly logged in and that the publish permissions have been given.
There has been no code changes with the plugin and my code handling the plugin before and after this issue started to occur, so clearly there is something I am missing. Is this Facebook server's fault? I have already contacted Prime31, but they say that they are not responsible for what the Facebook api responds with.
What can cause 500 internal server error when trying to post to Facebook?
EDIT: it would seem that the postMessageWithLinkAndLinkToImage boils down to:
graphRequest( "me/feed", HTTPVerb.POST, parameters, completionHandler );
A 500 means you are basically crashing the Facebook servers when you make a request. So something definitely changed on the Facebook API that is causing this to happen.
I would check the plugin code and see where it's making the API call, then you can manually make that API call using something like curl. If it fails then contact Facebook support and see if they can point you to the right API documentation.
Recently I noticed that my applications on Facebook stopped to work properly.
When someone opens app who did not authorize in yet I display simple content with link,
When link is clicked, in application I issue redirect (in Spring I return "redirect:...url..") to URL:
https://www.facebook.com/dialog/oauth?scope=email&client_id=317651918315301&redirect_uri=https%3A%2F%2Fapps.facebook.com%2Facnestop&scope=email&response_type=token
it sends 302 with given location to iFrame.
Then blank iFrame is displayed, and following headers from FB are returned:
Cache-Control private, no-cache, no-store, must-revalidate
Connection keep-alive
Content-Encoding gzip
Content-Type text/html; charset=utf-8
Date Fri, 25 May 2012 10:37:11 GMT
Expires Sat, 01 Jan 2000 00:00:00 GMT
P3P CP="Facebook does not have a P3P policy. Learn why here: http://fb.me/p3p"
Pragma no-cache
Set-Cookie _e_1vFX_0=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly locale=pl_PL; expires=Fri, 01-Jun-2012 10:37:11 GMT; path=/; domain=.facebook.com wd=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.facebook.com; httponly
Transfer-Encoding chunked
X-Content-Type-Options nosniff
X-FB-Debug VYI+cCm/Vfpx3US82n06uFuw5gF6UQDg+8GUSpGUL9A=
X-Frame-Options DENY
X-XSS-Protection 0
x-content-security-policy... allow *;script-src https://*.facebook.com http://*.facebook.com https://*.fbcdn.net http://*.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:*;options inline-script eval-script;report-uri https://www.facebook.com/csp.php
And just blank iFrame is displayed.
When URL which I redirect to is pasted to browser directly - it displays Facebook prompt to authorise app.
Any ideas why behavior is different when iFrame is redirected from pasting and opening same link in browser?
I noticed this today, previously app was working fine.
This is my sample app:
https://apps.facebook.com/acnestop/
If the user has not authorized your application, you need not handle that, facebook takes care of that.
But handling the case where a user has not logged in you can use getLoginURL
$loginUrl = $facebook->getLoginUrl(
array(
'scope' => 'email,user_checkins,etc',
'redirect_uri' => 'https://apps.facebook.com/my-application/'
)
);
Do not forget the trailing slash in redirect_uri
Hope this helps
Taken from Facebook:
Because your game is loaded in an iframe, returning a 302 to redirect the user to the Login >Dialog will be unsuccessful. Instead you must target the top (or _top) frame for redirect, >which causes the parent window to redirect to the Login Dialog URL.
Thus, you must redirect the user manually to something like
https://www.facebook.com/dialog/oauth?client_id=YOURID&redirect_uri=YOUR-REDIRECT-URI
It's because Facebook 0auth don't support iframe anymore.
U can see that in response header x-iframe-options:deny
I'm trying to share to Facebook this url:
http://curation.masternewmedia.org/
or an other url of this domain:
http://curation.masternewmedia.org/p/1689258249/how-to-check-and-verify-news-info-in-real-time-from-social-media.
Facebook linter generates a 200 status code and Could not retrieve data from URL:
http://developers.facebook.com/tools/debug/og/object?q=http%3A%2F%2Fcuration.masternewmedia.org%2F
When I curl the same url everything seems to be ok
$>> curl -I http://curation.masternewmedia.org/
HTTP/1.1 200 OK
Date: Wed, 02 May 2012 08:53:29 GMT
Server: Jetty(7.5.4.v20111024)
Content-Type: text/html;charset=UTF-8
Content-Language: en
Pragma: no-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: userId=e26ee613-8792-4f03-9066-52b6aa09a901;Path=/;Expires=Sat, 30-Apr-2022 08:53:31 GMT
Via: 1.1 www.scoop.it
Vary: Accept-Encoding
Can you please help me to understand how I can fix this issue?
Many thanks in advance
The issue seems to be that the Facebook scraper is seeing nothing at all in the source code of your site. This link will give you a view of what the scraper sees when it visits your site
I'm no expert, but I have a feeling there's something wrong with the object you've specified in the "type" section, i.e. topic
<meta property="og:type" content="topic"/>
Removing this made it work for me. If you have defined a custom action type and are using that, but have not yet had it approved, it might be caused by that. Anyway, it seems to be boiling down to that part.
You can see it working with the url soccerrumors.mobi/test/test.html
This is what the linter shows now:
Errors That Must Be Fixed
Object Type Not Allowed At URL: Object at URL 'http://curation.masternewmedia.org/' of type 'scoop_it:topic' is invalid because the domain 'curation.masternewmedia.org' is not allowed for the application id '165307520164712' which owns the specified object type. If you are the owner of this application, you can verify your configured 'Site Domain' at https://developers.facebook.com/apps/165307520164712.
The other url http://curation.masternewmedia.org/p/1686490068/four-great-curators-to-draw-inspiration-from shows that the og:type is scoop_it:article , and that works fine, so i guess you should be changing to scoop_it:article.
If you are using scoop.it's service then let them know of this problem.
I have an APP that calls Facebook status.get method via the REST server - restserver.php using session key method. This app works fine for most of the users, but for one user I consistently receive HTTP 500 status code. Since this doesn't have any specific Facebook error message, it is almost impossible for me to debug this.
Anyone faced a similar problem? What could be wrong with this user account? I checked the privacy options that I could think of and they look fine.
Also, for the same user, I can use friends.get method without any problem.
EDIT: I tried in Facebook forums as well, but it was of no use. Any pointers in the direction towards debugging/troubleshooting this problem are also appreciated.
EDIT: The full HTTP trace of my request is as follows. Just to be clear the same code works for other users.
REQUEST
=======================
GET /restserver.php?method=facebook.status.get&limit=1&api_key=a134957738cbd097e76bcefee86c75db&v=1.0&call_id=8cc99cec1562a71&format=JSON&session_key=747ad19e9859993f97c20355-1038949180&sig=5f597e80ad081b30c7155e9176a2aa04 HTTP/1.1
User-Agent: Pandemonium
Content-Type: application/x-www-form-urlencoded
Host: api.facebook.com
RESPONSE
=======================
HTTP/1.1 500 Internal Server Error
Cache-Control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-type: application/json
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="DSP LAW"
Pragma: no-cache
Set-Cookie: datr=1269479340-0545d70990e5f2db3b59176d82435f687f48a4bc69b5f11be9364; expires=Sat, 24-Mar-2012 01:09:00 GMT; path=/; domain=.facebook.com
X-Cnection: close
Date: Thu, 25 Mar 2010 01:09:32 GMT
Content-Length: 0
I had the same problem and just added the description field to my API call. When I deleted the description from my fields the server error was fixed. No idea why it can't handle the description field.
$events = $this->facebook->api('/me/events?fields=name,venue,privacy,location');
The user had already approved the status.get permissions?