0

I'm using Ruby on Rails with koala gem and heroku host. Everything works fine when user goes to and authenticates on the myapp.heroku.com. However, no one can see the permission dialog box if they go to apps.facebook.com/myapp. I learned that it is because facebook denies calling facebook url inside its iframe. They can use the app after authorizing on the website though. So my question is how can I authenticate or ask for permissions inside facebook canvas? i.e. show the permission diaglog box.

Cœur
  • 37,241
  • 25
  • 195
  • 267
clouddreams
  • 622
  • 1
  • 4
  • 13
  • I'm not super clear on the question - here's information on facebook login stuff -https://developers.facebook.com/docs/concepts/login/login-architecture/ - precisely what are you trying to do? – MrSynAckSter Mar 17 '13 at 19:02
  • if they go to the apps.facebook/myapp, they get a blank page because facebook permission dialog doesn't appear. But if they go to myapp.heroku.com, they see the dialog and accept to continue using the app. Also after authorizing from there, they can now use the app at apps.facebook.com/myapp. – clouddreams Mar 17 '13 at 19:05
  • http://stackoverflow.com/questions/10834961/facebook-auth-dialog-doesnt-show-up-in-page-tab - seen this? – MrSynAckSter Mar 17 '13 at 19:11
  • yes, that's how I know it's blocked for security. But I'm still unclear how to fix this after reading the solution. I don't have any anchor tag to insert "_blank" and not sure where to put the JS code in my Rails app either. That's why I made this question. – clouddreams Mar 17 '13 at 19:22

2 Answers2

0

Figured I need to use myapp.herokuapp.com instead of myapp.heroku.com for my SITE_URL and canvas url for it to work inside Facebook. Also I changed the login flow using the Facebook JS SDK login. Problem solved.

clouddreams
  • 622
  • 1
  • 4
  • 13
0

I have the same problem. However, I am not hosting on Heroku, so I am curious in what way myapp.herokuapp.com behaves differently from myapp.heroku.com. The problem is that omniauth-fecebook forces a redirect to display the permissions box, and Canvas doesn't allow redirects, so it remains blank.

CoupDeMistral
  • 188
  • 1
  • 9