Facebook SDK for .NET - Security Warning Issue

2019-01-27 11:07发布

问题:

everyone. Today I encounter the following message in my Windows Phone App:

Success
SECURITY WARNING: Please treat the URL above as you would your password and do not share it with anyone.

This happens when my users Login through the Web Browser Control, which get the Login URL from the GetLoginUrl method from the Facebook SDK for .net. This problem is not only happening in my Apps, I've seen users from other Apps having the same problem.

Anyone found a solution to this?

I'm running this SDK in my PictureWeather (Windows Phone 7 & Windows Phone 8) and Picture2Cams (Windows Phone 8) Apps.

回答1:

Had the same problem. In my app I changed this line:
parameters["redirect_uri"] = "https://www.facebook.com/connect/login_success.html";
To this line:
parameters["redirect_uri"] = "https://m.facebook.com/connect/login_success.html";
And it works now.



回答2:

Had the same problem on our WP8 app using the Facebook SDK for Windows Phone (http://facebooksdk.net/docs/phone/) and the indicated solution with changing the redirect URL also worked for us.

Thanks for submitting this solution.



回答3:

I ran into this problem, myself, and did a bit of digging to get to the root of the issue. The problem seems to spring from some unknown (to me, anyway) change on Facebook's side, where previously the authentication response URL was in the form

https://www.facebook.com/connect/login_success.html#access_token= ...

for some reason it now comes back from the login flow as

https://www.facebook.com/connect/login_success.html#?access_token= ...

The code in FacebookSDK.NET does a comparison in line 104 of LoginPage.xaml.cs with a simple Uri equality test

if (e.Uri == WebAuthenticationBroker.EndUri)

which fails to return true when the question mark appears in the middle. I expect Facebook will correct this on their end just because too much stuff breaks, but in the meantime a pretty clean fix is to get the FacebookClient sources from GIT instead of NuGet and change the comparison to this

UriBuilder clean = new UriBuilder(e.Uri);
clean.Query = "";
    if (clean.Uri == WebAuthenticationBroker.EndUri)

The code will then run just fine, but this is seems ultimately to be Facebook's bug when checking the documentation on their developer site.

I hope this helps some others, I signed up for Stackoverflow just to make this post. :)



回答4:

Use latest facebook sdk for windows phone. This issue got resolved in latest sdk. I am using Facebook.Client 0.8.2-alpha and its working great. I followed http://nuget.org/packages/Facebook.Client and http://facebooksdk.net/docs/phone/controls/login-ui-control



回答5:

I guess the only way he did this was by downloading both projects from their official Github (Facebook and Facebook.Client) and reference them in your app instead of using the DLL that you can get from Nuget.

With both projects in hand, you can change this parameters on the Facebook.Client Project in the file FacebookSessionClient. Then build all the project and run.

However this solution didnt work for me too.