After user connects with FB, and local user account creation is enabled the user is taken to the site, and breaks out of the iframe.

For an example check http://apps.facebook.com/dupeoff

Comments

egarias’s picture

Using: 7.x-3.3-beta4 Ihad no iframe break
but
After upgrading latest dev, my iframe breaks

This is my code

$block = module_invoke('fb_connect', 'block_view', SOCIAL_HANDS_LOGIN_BLOCK);
return '<div class="'.$class.'">'.render($block['content']).'<div class="descrip"><h3>'.$descrip.'<h3></div></div>';

Please help, I cannot upgrade

Dave Cohen’s picture

Component: Facebook Connect » Canvas Pages (iframe)
Category: bug » support
Status: Active » Postponed (maintainer needs more info)

Links on a canvas page can go anywhere, so it's not a bug that some links go to an external website. In many cases, that's done on purpose.

The trick is how the links are produced in drupal. By default links made with l() or url() calls will stay on the canvas page. But there's no guarantee with module how they are building their links. So if you have a specific link going away from the canvas page, you should determine what module is making it. Drupal core links, ie. menu items, should work.

Also there's caching. If your drupal is serving both canvas pages and also regular pages, drupal may cache a block intended for one and display it on the other. That's a little trickier to customize but if you disable caching you can at least determine if that is the cause.

egarias’s picture

Many thanks,

i need some more help,

My function is called by:

  	$items['orca/publish'] = array(
    	'page callback' => 'orca_social_fb_publish_prepare',
    	'theme callback'=>	'fb_nc_publish_reactions_theme',    	
    	'access callback' => TRUE,
    	'type' => MENU_CALLBACK,
    	'file'	=> 'orca_social.actions.inc',
    	'file path' => drupal_get_path('module', 'fb_nc_publish'),    	
  	);

and the function is:

function orca_social_fb_publish_prepare($client, $mode, $nid=FALSE, $url=FALSE){
	if (!$fbuser = orca_social_get_fb_user()) {
		$descrip = "";
		$class = "comentar";
		switch ($mode){
			case 'post':
				$descrip = 'Conecta con Facebook para Publicar';
				$class .= ' facebookblock';
				break;
			case 'comment':
				$descrip = 'Conecta con Facebook para Comentar';
				break;
			case 'sync':
				$descrip = 'Conecta con Facebook para Sincronizar';
				break;
			case 'share':
				$descrip = 'Conecta con Facebook para Compartir';
				break;				
		}
		
		$block = module_invoke('fb_connect', 'block_view', SOCIAL_HANDS_LOGIN_BLOCK);
    	return '<div class="'.$class.'">'.render($block['content']).'<div class="descrip"><h3>'.$descrip.'<h3></div></div>';		
	}
...

Can you suggest my something??
Thanks I am quite lost

crevillo’s picture

Same hear. the breat is produced after user has autorized the app. it breaks the iframe and redirect you to my home page without the iframes but correctly logged.

P.s. Could it be related to this piece of code on settings file?

// @TODO - somehow detect whether a signed request indicates canvas page or not.
// fb_settings(FB_SETTINGS_TYPE, FB_SETTINGS_TYPE_CANVAS);

That line is it commented. all my calls to fb_is_canvas are returning false even if, i think, they should return true.

egarias’s picture

Status: Postponed (maintainer needs more info) » Active

Changed the status, correct me if i am wrong

Dave Cohen’s picture

I guess I missed it the first time around. You are saying that normal links work as expected, but the connect button is what breaks user out of canvas page? Please let me know if that is correct.

If this problem is not limited to just the connect button, please paste here what you've added to your settings.php. I.e. are you including fb_url_rewrite?

egarias’s picture

For me, it only happens with the connect button, once connected I have a form and it works well inside the iframe.
I did not upgrade and using 7.x-3.3-beta4 because with this version the connect doesn´t break iframe.
Here are the last lines of setting.php

if (!is_array($conf))
  $conf = array();

$conf['fb_verbose'] = TRUE; // debug output
//$conf['fb_verbose'] = 'extreme'; // for verbosity fetishists.

// More efficient connect session discovery.
// Required if supporting one connect app and different canvas apps.
$conf['fb_id'] = '116195288419253'; // Your connect app's ID goes here.

// Enable URL rewriting (for canvas page apps).
include "sites/all/modules/fb/fb_url_rewrite.inc";
include "sites/all/modules/fb/fb_settings.inc";

// Header so that IE will accept cookies on canvas pages.
//if (!headers_sent()) {
//  header('P3P: CP="We do not have a P3P policy."');
//}
// end of settings.php
header('P3P: CP="CAO PSA OUR"');
header('Access-Control-Allow-Origin: *');

Thanks

crevillo’s picture

Exactly that, Dave. Links in my app works perfectly inside canvas. This undesired redirect only happens once the user authorize the facebook app.

User is prompted for facebook permissions, and once the user accept them, he is redirect to the url but outside the facebook canvas page.

Didn't try with the latest beta though. Let me check

crevillo’s picture

Tested with last beta, but same behaviour.

Dave Cohen’s picture

I'm having trouble reproducing this.

Are you each using the fb_connect.module block? Have you changed it's default configuration in any way?

When prompted to log into facebook, your browser should show you a long URL, something starting with "https://www.facebook.com/login.php?api_key=". Can you paste the entire URL here? It should have a next=... parameter which controls where the user is ultimately sent.

crevillo’s picture

sorry. problem is not in login. it's inmediately after authorizing the app. that's it, on first access. anyway, i will try to dig into that url params.

crevillo’s picture

Hi again. i solved my problem, at least by know, tweaking some code in fb.module

Here's how it looks now

 // if (fb_is_canvas()) {
      $destination = fb_scrub_urls($destination); // Needed?
   // }

    //Stripping the fragment out to be tacked on during the javascript redirect
    if (strpos($destination, '#') !== FALSE) {
      list($destination, $fragment) = explode('#', $destination, 2);
      fb_js_settings('reload_url_fragment', $fragment);
    }

    fb_js_settings('reload_url', url($destination, array(
                                       'absolute' => TRUE,
                                       'fb_canvas' => TRUE,
                                       'language' => (object) array('prefix' => NULL, 'language' => NULL), // http://drupal.org/node/1000452
                                     )));

Note i'm commenting the check "fb_is_canvas" before call fb_scrubs_url function and i also have changed the fb_is_canvas function when the url was formed. now i harcoded it to TRUE.

Being like this, i stay inside apps.facebook after authorizing the app.

As said previously, i still think my problem came for the fb_is_canvas function. i was always getting FALSE from this function no matter if i were inside facebook iframe or outside facebook.

egarias’s picture

Your solution doesn't work for me.
Sorry for the delay but i am in production and was hard to test.
regarding #10 this is the URL:

http://www.facebook.com/plugins/login_button.php?scope=email%2Cpublish_s...

Thanks

Dave Cohen’s picture

Your code seems to use the fb_connect block (although you use a constant SOCIAL_HANDS_LOGIN_BLOCK which I've never seen before and should probably be removed).

How is that block configured? Try the defaults.

Your login URL starts http://www.facebook.com/plugins/login_button.php, while mine starts https://www.facebook.com/login.php. I'd like to understand why they are different.

egarias’s picture

The code for my connect is:
<iframe src="http://server.social-hands.com/orca/publish/18851739b02e61981242e7a8663e34bf/12/1/comment?u=http://egarias.com/content/prueba" width="100%" height="80px" frameborder="0" scrolling="no" id="socialframe"/>

You can see it live now with version 7.x-3.3-beta4 wich is working for me.
There the button src is
http://www.facebook.com/plugins/login_button.php?scope=email%2Cpublish_stream&show_faces=false&app_id=116195288419253&locale=en_US&sdk=joey&channel=http%3A%2F%2Fstatic.ak.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D25%23cb%3Dfc2165c0ec1524%26origin%3Dhttp%253A%252F%252Fserver.social-hands.com%252Ff1a0d99538cf87%26domain%3Dserver.social-hands.com%26relation%3Dparent.parent

When i use the 7.x-3.4-beta1 button src is the same.

The block i use is the default block "Facebook Connect Login to The People News" being "The People News" my application.

I have: define('SOCIAL_HANDS_LOGIN_BLOCK', 'login_peoplenews');
and then

$block = module_invoke('fb_connect', 'block_view', SOCIAL_HANDS_LOGIN_BLOCK);
    	return '<div class="'.$class.'">'.render($block['content']).'<div class="descrip"><h3>'.$descrip.'<h3></div></div>';

To show my login block.

I don't know why the url is different in your case regarding mine, I think this part i am not touching at all, as i am rendering the standard login block i have.

Many Thanks

Dave Cohen’s picture

Status: Active » Fixed

I'm marking as fixed because you say it's now working.

I don't pretend to understand what you're doing, but it looks like you've created a block, and to render your block you're simply invoking another block. I don't get why the original block from fb_connect.module was not sufficient. Anyway that fb_cpnnect block can be configured via Drupal's block admin pages to render pretty much any markup you want. My suggestion before was to make sure that block is configured with it's default settings. That said, if it works now you probably don't have to change anything.

egarias’s picture

Status: Fixed » Active

The problem from the beggining is that it is working with 7.x-3.3-beta4 but stoppend working after fb version upgrade and i am stucked in this old version.

You can see in #3, if i am not wrong, i am not creating any block, this is a menu callback, and i am using the standard login facebook block wich comes with facebook.connect.module as it is, no modification and i use standard settings here.

with 7.x-3.3-beta4 iframe is not broken.
Newer versions break iframe