Facebook App Error forbidden by X-Frame-Options

2019-03-05 15:56发布

站内文章 / PHP
60 0 0

问题:

I am building a facebook app currently it is in sandbox mode. My code :-

index.php

<?php
ob_start();
@session_start();

require 'facebook.php';
include_once('config.php');


$facebook = new Facebook(array(
            'appId' => APP_ID,
            'secret' => SECRET_KEY,
            ));

$user = $facebook->getUser();

if ($user) {
  try {
    // Proceed knowing you have a logged in user who's authenticated.
    $user_profile = $facebook->api('/me');
  } catch (FacebookApiException $e) {
    error_log($e);
    $user = null;
  }


    if (!empty($user_profile )) {
        # User info ok? Let's print it (Here we will be adding the login and registering routines)

        $username = $user_profile['name'];

        //echo '->'.$username;exit;
        $uid = $user_profile['id'];
        $email = $user_profile['email'];


        @session_start();
        //$_SESSION['id'] = $userdata['id'];
        $_SESSION['oauth_id'] = $uid;

        $_SESSION['username'] = $username;
        $_SESSION['email'] = $email;
        $_SESSION['oauth_provider'] = 'facebook';
        header("Location: home.php");

        ?>

        <?php


    } else {
        # For testing purposes, if there was an error, let's kill the script
        die("There was an error.");
    }
} else {
    # There's no active session, let's generate one
    $login_url = $facebook->getLoginUrl(array( 'scope' => 'email'));
    header("Location: " . $login_url);
}
?>

Here I am checking if the user is login or not if it is a logged in user then redirect to home,php else to login page of facebook.

but when i run my app on facebook it throws error on console :-

Refused to display document because display forbidden by X-Frame-Options because it set 'X-Frame-Options' to 'DENY'

Also I tried this solution but it wont work

回答1:

You can not display the login dialog within any kind of frames – that’s an anti-phishing measure, the user is supposed to be always able to verify that the login dialog they are shown is indeed from facebook.com, and not a fake loaded from any other site.

You have to redirect to it in the top window instance. This can not be done server-side, so you have to use JavaScript:

<script>top.location.href = "…";</script>


回答2:

Instead of header redirect use JS redirect as

<script>top.location.href="THE URL"</script>


标签: php facebook facebook-php-sdk
举报

收藏的人(0)

Ta的文章 更多文章
登录 后发表评论
0条评论
还没有人评论过~