Facebook连接一个具有多个域的应用程序? [英] Facebook Connect for one application with multiple domains?
问题描述
我正在实现可嵌入不同网站的插件(一个Meebo,Wibiya),我想使用Facebook Connect。该插件应该嵌入到具有不同域名的站点中。问题是,Facebook连接只允许每个应用程序注册一个域名。
I'm implementing a plug-in that's embeddable in different sites (a la Meebo, Wibiya), and I want to use Facebook Connect. The plug-in is supposed to be embeddable in sites with different domain names. Problem is, Facebook connect allows only one domain per application you register.
问题是,如何为单个Facebook应用程序提供多个域,假设:
The question is, how can I have multiple domains for a single Facebook application, assuming:
-
当用户在一个站点上允许应用程序时,他们也不必在其他站点上允许它。
When users "Allow" the application on one site, they won't have to "Allow" it on other sites as well.
最初,登录后,用户将不会在他们登录的每个网站上看到弹出式窗口(即 - d不要打开一个链接到我的域,并从那里登录过程)。
Preferably, after the initial log-in, users won't see a pop-up opening on every site they log-in to (i.e. - I'd rather not open a link to my domain and do the log-in process from there).
是否还有这样做?
如果没有,我唯一的选择是管理来自单个域的所有登录,并将cookie传递回原始域?
如果我在域之间传递Cookie,我如何确保Facebook将来不会阻止这种行为?
Is there anyway of doing that?
If not, is my only option is to manage all the log-ins from a single domain and pass the cookies back to the original domains?
And if I pass the cookies between domains, how can I be sure that Facebook won't block this kind of behavior in the future?
我很感激任何建议,如果有可能的话,d喜欢官方的解决办法。
I'd appreciate any suggestions, though I'd prefer an official solution over hacks, if at all possible.
推荐答案
我假设你是用Naitik Shah的facebook.php?您的小部件需要在每个页面上,包括异步脚本connect-js 。
我目前正在开发一个基于Facebook登录的应用程序。
Im assuming you are using facebook.php by Naitik Shah? Your widget would need to be on every page of course and include the async script connect-js. I am currently developing a facebook login based application myself.
我会说最好的解决方案也是通过自己的域登录并传递cookie。您的应用程序/小部件将是唯一允许与其共享信息的应用程序。与单页解决方案的操作不同,应该是不同的。我设想一个PHP插件,它从外部域执行登录,并通过小部件将cookie传递到站点。安全地返回cookie你想要的东西(除了像躲在div中的东西一样的东西,并检索它...或是黑客可能会尝试欺骗的东西)。该网站将使用cookie作为帐户和用户ID目的,该小部件将使用异步脚本(但通过不同的域路由)来控制所有登录操作和会话查找。
I would say the best solution is too login through your own domain and pass the cookie. Your app/widget will be the only one they allow to share information with. Nothing should be different in operation from a single page solution. I envisage a PHP plugin which executes a login from an outside domain and passes through the cookie to the site via the widget. return the cookie securely how you wish (except for something dodgy like storing it in a div and retrieving it..or something a hacker could try to spoof). the site will then use the cookie for account and user id purposes and the widget will control all login actions and session finding using the async script (but routed through a different domain).
对不起,我不能更多的帮助,但这是我能想到的唯一解决方案,似乎你已经有了。
Sorry I can't be more help but this is the only solution I can think of, and it seems you have already anyway.
在保持会话控制方面在不同的域中,您只需要第三方Cookie即可。一旦您的网页被激活了您的域名,您将已经拥有该域的cookie,如果您尚未注销或尚未过期。使用外部管理域的好处。
In terms of keeping session control across different domains you only need the 3rd party cookie to be active. Once your page is activated for your domain you will already have the cookie for that domain if you haven't logged out or it hasn't expired. A benefit of using an outside management domain.
与多个域的任何成功的hack相比,这似乎也是最可靠的方式,因为我会看到fb和Oauth2与通过认可方批准的另一方的认可方共享信息(cookies)完好.0。但是,如果他们认为用户会遇到隐私问题,可能会有问题,因为您可以在没有用户许可的情况下在任何网站上共享cookie。所以你必须小心,通知用户他们将被自动登录的所有网站,并对他们进行对待。
It would seem this is also the most reliable way compared to any successful hack for multiple domains, because I would see fb and Oauth2.0 as being ok with an approved party sharing info (cookies) to another party approved by the approved party. But.. It could be problematic if they think the user will have privacy issues, because you could potentially share the cookie on any site without the users permission. So you have to be careful about notifying the user about all the sites they will be auto logged into and treating them with respect.
祝你好运,希望你让我们知道如何去。
Good luck with it, hope you let us know how it goes.
这篇关于Facebook连接一个具有多个域的应用程序?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
