Facebook API和Safari [英] Facebook API and Safari

问题描述

更新和解决方案：原来，问题是基于我用于我的开发人员网址的重定向，导致浏览器感觉到我的网页设置的所有Cookie作为第三方Cookie。

Update and solution: It turns out the problem was based on a redirect I used for my dev URL, which resulted in browsers perceiving all cookies set by my page as third-party cookies. The Facebook JS API session cookie is not set as a third-party cookie.

我正在使用一个ASP.NET应用程序与Facebook认证。为此，我使用 Microsoft的Facebook SDK 结合Facebooks Javascript API。一切正常，除了Safari。 Safaris默认设置是不接受第三方Cookie，这会导致：

I'm working on an ASP.NET application with Facebook authentication. For this I use Microsofts Facebook SDK in combination with Facebooks Javascript API. Everything's working, except for Safari. Safaris default setting is to not accept third-party cookies, which results in:

• 我可以通过Javascript访问Facebook会话。


• 我无法访问Facebook会话服务器端，因为Cookie从未设置并从Safari发送。

这是我的与Facebook（JS）相关的客户端代码：

This is my client-side code related to Facebook (JS):

<div id="fb-root"></div>    
<fb:login-button>Login with Facebook</fb:login-button>
<script src="http://connect.facebook.net/en_US/all.js"></script>
<script>
    FB.init({ appId: 'myAppId', status: true, cookie: true, xfbml: true });
    FB.Event.subscribe('auth.login', function (response) {
       if (response.session) {
           window.location.reload(); //Results in eternal reload of page
       }
    });
</script>

这是我的获取用户id服务器端（C＃）的代码：

This is my code for fetching the user id server-side (C#):

public string FacebookUserID
{
    get
    {
        FacebookSettings settings = new FacebookSettings();
        settings.AppId = "myAppId";
        settings.AppSecret = "myAppSecret";
        FacebookApp app = new FacebookApp(settings);
        Authorizer auth = new Authorizer(app);

        return (auth.IsAuthorized()) ? app.Session.UserId : null;
    }
}

我想我不是唯一一个同样的问题，但我搜索了Facebook开发人员论坛和这里，并没有找到一个解决方案。

I guess I'm not the only one with the same problem, but I've searched both the Facebook Developer forum and here and haven't found a solution. It's really more of a Safari problem than a Facebook-specific problem.

我一直在考虑通过GET / POST /我将用户ID发回到服务器自己的cookie，但这是一个丑陋的解决方案和潜在的安全问题。

I've been thinking about posting the user-id back to the server through GET/POST/my own cookie, but that is an ugly solution and a potential security issue.

任何想法？

推荐答案

原来这个问题是基于一个重定向我用于我的dev网址，导致浏览器感知所有的cookie设置为我的页面作为第三方cookie。 Facebook JS API会话Cookie未设置为第三方Cookie。

It turns out the problem was based on a redirect I used for my dev URL, which resulted in browsers perceiving all cookies set by my page as third-party cookies. The Facebook JS API session cookie is not set as a third-party cookie.

这篇关于Facebook API和Safari的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！