Early Bird Registration for DrupalCon Portland 2024 is open! Register by 23:59 PST on 31 March 2024, to get $100 off your ticket.
Starting Oct 1st, canvas pages and tabs must use HTTPS (or remain in sandbox mode).
Facebook has made these secure urls available a application properties. So the modules should set them automatically.
Comment | File | Size | Author |
---|---|---|---|
fb_secure_urls_d6.diff | 2.72 KB | Dave Cohen |
Comments
Comment #1
notluap CreditAttribution: notluap commentedI successfully setup my Drupal site/canvas app to use HTTPS; however, when I access the Facebook canvas app through https://apps.facebook.com/myapp the app loads correctly over https, but then clicking any link in the app brings you back to a normal http unsecured page.
I don't have this problem when clicking links on my normal Drupal domain over https, only in the canvas app.
Any thoughts?
Comment #2
Dave Cohen CreditAttribution: Dave Cohen commentedIt looks like when you provide a secure URL, it's always used. So even at http://apps.facebook.com/.... the iframe is https://....
So there's no way for drupal to know whether the original apps.facebook.com url is https or not. I suppose it is better to send a user from http to https rather than the other way around.
Comment #3
Dave Cohen CreditAttribution: Dave Cohen commentedImproved the code and checked it in.