Facebook API和Safari [英] Facebook API and Safari
问题描述
更新和解决方案:原来,问题是基于我用于我的开发人员网址的重定向,导致浏览器感觉到我的网页设置的所有Cookie作为第三方Cookie。
Update and solution: It turns out the problem was based on a redirect I used for my dev URL, which resulted in browsers perceiving all cookies set by my page as third-party cookies. The Facebook JS API session cookie is not set as a third-party cookie.
我正在使用一个ASP.NET应用程序与Facebook认证。为此,我使用 Microsoft的Facebook SDK 结合Facebooks Javascript API。一切正常,除了Safari。 Safaris默认设置是不接受第三方Cookie,这会导致:
I'm working on an ASP.NET application with Facebook authentication. For this I use Microsofts Facebook SDK in combination with Facebooks Javascript API. Everything's working, except for Safari. Safaris default setting is to not accept third-party cookies, which results in:
- 我可以通过Javascript访问Facebook会话。
- 我无法访问Facebook会话服务器端,因为Cookie从未设置并从Safari发送。
这是我的与Facebook(JS)相关的客户端代码:
This is my client-side code related to Facebook (JS):
<div id="fb-root"></div>
<fb:login-button>Login with Facebook</fb:login-button>
<script src="http://connect.facebook.net/en_US/all.js"></script>
<script>
FB.init({ appId: 'myAppId', status: true, cookie: true, xfbml: true });
FB.Event.subscribe('auth.login', function (response) {
if (response.session) {
window.location.reload(); //Results in eternal reload of page
}
});
</script>
这是我的获取用户id服务器端(C#)的代码:
This is my code for fetching the user id server-side (C#):
public string FacebookUserID
{
get
{
FacebookSettings settings = new FacebookSettings();
settings.AppId = "myAppId";
settings.AppSecret = "myAppSecret";
FacebookApp app = new FacebookApp(settings);
Authorizer auth = new Authorizer(app);
return (auth.IsAuthorized()) ? app.Session.UserId : null;
}
}
我想我不是唯一一个同样的问题,但我搜索了Facebook开发人员论坛和这里,并没有找到一个解决方案。
I guess I'm not the only one with the same problem, but I've searched both the Facebook Developer forum and here and haven't found a solution. It's really more of a Safari problem than a Facebook-specific problem.
我一直在考虑通过GET / POST /我将用户ID发回到服务器自己的cookie,但这是一个丑陋的解决方案和潜在的安全问题。
I've been thinking about posting the user-id back to the server through GET/POST/my own cookie, but that is an ugly solution and a potential security issue.
任何想法?
推荐答案
原来这个问题是基于一个重定向我用于我的dev网址,导致浏览器感知所有的cookie设置为我的页面作为第三方cookie。 Facebook JS API会话Cookie未设置为第三方Cookie。
It turns out the problem was based on a redirect I used for my dev URL, which resulted in browsers perceiving all cookies set by my page as third-party cookies. The Facebook JS API session cookie is not set as a third-party cookie.
这篇关于Facebook API和Safari的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!