帆布下运行时，Facebook并没有显示身份验证 [英] Facebook does not show authentication when running under canvas

问题描述

我已经与Facebook集成登录一个网站，使用服务器端验证。

I have a web site already integrated with Facebook login, using server-side authentication.

我有一个问题，把它变成Facebook的下运行的应用程序。

I have an issue to turn it into an application running under Facebook.

的问题是，Facebook并没有显示在所有认证页面

所以，我没有得到，甚至到真正的服务器身份验证过程。

Therefore, I am not even getting to the server authentication process for real.

现在，应用程序我的本地机器上运行。

Right now, the application is running on my local machine.

我的应用程序被定义为Facebook应用程序：（localhost作为网站安全的目的之前添加空白只）

My app is defined as Facebook Application: (adding blank before localhost for site security purpose only)

• 画布网址：HTTP：//本地主机：4300 / fbopt /


• 安全帆布网址：https：//本地主机：4303 / fbopt /

[同样的问题，在沙箱中运行时发生，无安全URL]

[same problem happens when running in a Sandbox, without Secure URL]

我有一个粉丝页面和转到应用按钮那里。
pressing一个按钮，让我的网址：
https://apps.facebook.com/ [APPID] /？fb_source =时间表

I have a "fan page" with "Go to App" button there. Pressing a button leads me to the URL: https://apps.facebook.com/[appid]/?fb_source=timeline

浏览器开始与框架加载页面。
下架使POST请求我提供的URL。

The browser starts loading the page with the frames. The lower frames makes the POST request to the URL I provided.

我的申请页面重定向到以下网址：

My application redirects the page to the following URL:

https://www.facebook.com/dialog/oauth?client_id=[appid]&redirect_uri=https://localhost:4303/fbopt/hook&scope=email,user_location,user_birthday

https://www.facebook.com/dialog/oauth?client_id=[appid]&redirect_uri=https://localhost:4303/fbopt/hook&scope=email,user_location,user_birthday

我预计Facebook来显示应用程序的认证形式，所需的权限。

I would expect Facebook to show up the application authentication form, with the permissions required.

不幸的是，这种情况不会发生。的一个空白页框内所示，HTML是空的！的

Unfortunately, this does not happen. An empty page is shown within the frame, HTML is empty!

我看（从Chrome网络调试器）的URL确实访问，但响应是HTTP 200状态（没有错误），但没有响应数据。相反，越来越

I see (from the Chrome network debugger) that the URL is indeed accessed, but the response is with HTTP 200 status (not error), but no response data. Instead, getting

X框选项：DENY

X-Frame-Options: DENY

响应头 - 渲染否认范围内！为什么呢？

response header - rendering denied within frame! Why?

在加载上面的网址手动之外Facebook的框架结构，我做了正确的权限得到验证画面。

When loading the URL above "manually" outside the Facebook frames structure, I do get the authentication screen with the right permissions.

我不知道什么是缺少让它用帆布工作。

I wonder what is missing to get it work with canvas.

这是我要补充的，或者如何调试这样的问题任何暗示 - 将AP preciated

Any hint on what I should add, or how to debug such a problem - will be appreciated.

谢谢，
马克斯

Thanks , Max

推荐答案

看起来像我根本问题是，我是想整个页面重定向，而不​​是一个框架重定向。

Looks like me fundamental problem was that I was trying to redirect the whole page, instead of making a frame redirection.

在这里开始：
<一href=\"http://stackoverflow.com/questions/9100916/blank-canvas-refused-to-display-document-because-display-forbidden-by-x-fram\">Blank帆布=＆GT; 拒绝显示文档，因为显示器的X帧选项禁止的。

走到这里：
https://developers.facebook.com/docs/howtos/login/登录换帆布/

它说：

由于您的应用程序在iframe装载，返回一个302将用户重定向到登录对话框将不会成功。相反，你必须通过设置的Javascript window.top.location属性，它会使父窗口重定向到登录对话框网址

Because your application is being loaded in an iframe, returning a 302 to redirect the user to the Login Dialog will be unsuccessful. Instead you must redirect by setting the Javascript window.top.location property, which causes the parent window to redirect to the Login Dialog URL

这可能是我的重大失误。

This was probably my major mistake.

最大

这篇关于帆布下运行时，Facebook并没有显示身份验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！