1

When I'm doing a server-side redirection in a Facebook iframe application, I get the this strange Facebook Logo with a link. When I click it, I get redirected to site I set the redirection to in the first place. What happens here? Any "Click Protection" in place?

Thanks!

Redirection Code:
Tried Client Redirect 

    args = dict(client_id=FACEBOOK_APP_ID, redirect_uri=base_dir , scope='user_photos,email,offline_access')
    return render_to_response('fb/nopermission.html', { 'javascript': "<script>window.top.location=\"" + "https://graph.facebook.com/oauth/authorize?" + urllib.urlencode(args )+ "\"</script>"  } )

and Server Redirect: 

args = dict(client_id=FACEBOOK_APP_ID, redirect_uri=base_dir , scope='user_photos,email,offline_access')
return HttpResponseRedirect(https://graph.facebook.com/oauth/authorize?" + urllib.urlencode(args))

Same Result in both cases

alt text

Glorfindel
  • 21,988
  • 13
  • 81
  • 109
Henrik P. Hessel
  • 36,243
  • 17
  • 80
  • 100

2 Answers2

0

Arrgh! Facebook has such a shitty documentation that I hit upon zillion problems while developing for it.

This one is because you cannot redirect directly from with your app. use a href link and specify the target property to _top or use the javascript

window.top.location="redirecturl"

to workaround this bug.

Ganesh Krishnan
  • 369
  • 3
  • 6
0

For redirection purpose use this code:

<html><head>
<script type="text/javascript">
  window.top.location.href = "<?php echo $loginUrl; ?>";
</script>
<noscript>
  <meta http-equiv="refresh" content="0;url=<?php echo $loginUrl; ?>" />
  <meta http-equiv="window-target" content="_top" />
</noscript>

Hafiz
  • 4,187
  • 12
  • 58
  • 111