Reputation: 852
Facebook API and Safari
Update and solution: It turns out the problem was based on a redirect I used for my dev URL, which resulted in browsers perceiving all cookies set by my page as third-party cookies. The Facebook JS API session cookie is not set as a third-party cookie.
I'm working on an ASP.NET application with Facebook authentication. For this I use Microsofts Facebook SDK in combination with Facebooks Javascript API. Everything's working, except for Safari. Safaris default setting is to not accept third-party cookies, which results in:
- I can access the Facebook session through Javascript.
- I can NOT access the Facebook session server-side, because the cookie is never set and sent from Safari.
This is my client-side code related to Facebook (JS):
<div id="fb-root"></div>
<fb:login-button>Login with Facebook</fb:login-button>
<script src="http://connect.facebook.net/en_US/all.js"></script>
<script>
FB.init({ appId: 'myAppId', status: true, cookie: true, xfbml: true });
FB.Event.subscribe('auth.login', function (response) {
if (response.session) {
window.location.reload(); //Results in eternal reload of page
}
});
</script>
This is my code for fetching the user id server-side (C#):
public string FacebookUserID
{
get
{
FacebookSettings settings = new FacebookSettings();
settings.AppId = "myAppId";
settings.AppSecret = "myAppSecret";
FacebookApp app = new FacebookApp(settings);
Authorizer auth = new Authorizer(app);
return (auth.IsAuthorized()) ? app.Session.UserId : null;
}
}
I guess I'm not the only one with the same problem, but I've searched both the Facebook Developer forum and here and haven't found a solution. It's really more of a Safari problem than a Facebook-specific problem.
I've been thinking about posting the user-id back to the server through GET/POST/my own cookie, but that is an ugly solution and a potential security issue.
Any ideas?
Upvotes: 3
Views: 2633
Answers (1)
Reputation: 852
It turns out the problem was based on a redirect I used for my dev URL, which resulted in browsers perceiving all cookies set by my page as third-party cookies. The Facebook JS API session cookie is not set as a third-party cookie.
Upvotes: 3
Related Questions
- ASP.NET Facebook app session issue with safari
- Cross domain [??] FaceBook LogIn session
- Does the Facebook C# SDK depend on cookies on the server?
- Facebook Cookie
- Facebook cookie issue in IE9 and Chrome and FacebookWebClient initialization
- Facebook login with ASP.NET
- Facebook JS SDK Does Not Set fbs_* Cookie in Safari
- javascript FB.login on Safari
- Facebook iOS SDK not storing cookies for access
- Facebook Connect & ASP.NET Forms Authentication - Timing/Cookie Problem