Reputation:
Facebook Secure Forms
I am building some forms using the html input tabs in Facebook. My form actions are post and insert linking to externally hosted php function files.
The problem is, if the user isn't using Facebook's new https setting, a pop up is shown with "un secure form"
Is there a why to provide a secure handler externally hosted or is this something I would have go deeper into Facebook ap making with?
Upvotes: 0
Views: 158
Answers (1)
Reputation: 164129
Facebook loads your app into an iframe (using POSTing a form). When the user is using https with facebook they use the Secure Canvas URL property from the app settings, and when the user is not on secure browsing they use the Canvas URL. Because of that, your page is not loaded from https but http, which is why that warning is shown to the user by the browser.
What you can do is to check when your page is loading which protocol is used and if it's not https then reload the page from https. Something like (using window.location object):
var location = window.location;
if (location.protocol != "https:") {
window.location.href = "https://" + location.host + "/" + location.pathname + location.search
}
Or if you don't expect to have urls in your querystring you can simply replace:
window.location.href = window.location.href.replace("http", "https");
Upvotes: 1
Related Questions
- facebook page tab not available over ssl
- facebook tab default http over https
- Facebook Tab App and SSL Certiifcate
- Do Facebook page tabs have to be https? It doesn't seem like it
- Cannot make facebook custom tab app without SSL..help?
- SSL Only Facebook Page Tab
- Facebook tabs ssl minimum requirement
- Secure url required in page tab apps, despite sandbox
- Facebook iFrame tab problem with secure url (https)
- Secure Page Tab URL will be required on October 1, 2011