X-Frame-Options禁止的Facebook App错误 [英] Facebook App Error forbidden by X-Frame-Options

问题描述

我正在构建一个Facebook应用程序，目前它处于沙盒模式.我的代码:-

I am building a facebook app currently it is in sandbox mode. My code :-

index.php

index.php

<?php
ob_start();
@session_start();

require 'facebook.php';
include_once('config.php');


$facebook = new Facebook(array(
            'appId' => APP_ID,
            'secret' => SECRET_KEY,
            ));

$user = $facebook->getUser();

if ($user) {
  try {
    // Proceed knowing you have a logged in user who's authenticated.
    $user_profile = $facebook->api('/me');
  } catch (FacebookApiException $e) {
    error_log($e);
    $user = null;
  }


    if (!empty($user_profile )) {
        # User info ok? Let's print it (Here we will be adding the login and registering routines)

        $username = $user_profile['name'];

        //echo '->'.$username;exit;
        $uid = $user_profile['id'];
        $email = $user_profile['email'];


        @session_start();
        //$_SESSION['id'] = $userdata['id'];
        $_SESSION['oauth_id'] = $uid;

        $_SESSION['username'] = $username;
        $_SESSION['email'] = $email;
        $_SESSION['oauth_provider'] = 'facebook';
        header("Location: home.php");

        ?>

        <?php


    } else {
        # For testing purposes, if there was an error, let's kill the script
        die("There was an error.");
    }
} else {
    # There's no active session, let's generate one
    $login_url = $facebook->getLoginUrl(array( 'scope' => 'email'));
    header("Location: " . $login_url);
}
?>

在这里，我正在检查用户是否已登录，如果它是已登录用户，然后重定向到home，php，否则将重定向到facebook的登录页面.

Here I am checking if the user is login or not if it is a logged in user then redirect to home,php else to login page of facebook.

但是当我在Facebook上运行我的应用程序时，它会在控制台上引发错误:-

but when i run my app on facebook it throws error on console :-

拒绝显示文档，因为X-Frame-Options将其设置为"DENY"，因此X-Frame-Options禁止显示

Refused to display document because display forbidden by X-Frame-Options because it set 'X-Frame-Options' to 'DENY'

我还尝试了这解决方案，但无法正常工作

Also I tried this solution but it wont work

推荐答案

您无法在任何框架内显示登录对话框-这是一种防网络钓鱼的措施，应该使用户始终能够验证登录名显示的对话框确实是来自facebook.com，而不是从其他任何网站加载的虚假内容.

You can not display the login dialog within any kind of frames – that’s an anti-phishing measure, the user is supposed to be always able to verify that the login dialog they are shown is indeed from facebook.com, and not a fake loaded from any other site.

您必须在顶部窗口实例中重定向到它.无法在服务器端完成此操作，因此您必须使用JavaScript:

You have to redirect to it in the top window instance. This can not be done server-side, so you have to use JavaScript:

<script>top.location.href = "…";</script>

这篇关于X-Frame-Options禁止的Facebook App错误的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！