web page hit counter

Wednesday, March 25, 2009

Facebook Redirects : The URL is not my son


If you didn't get here via a very specific Google search[1] you probably want to stop reading now, otherwise... Those who eschew the standard Facebook PHP libraries are rewarded with a fuller, richer understanding of the intricacies of the API. I.e. they have to deal with obscure crud that normal people get to ignore. This particular cruddy bit recently managed to eat more time than it had any right to consume:
The URL http://www.new.facebook.com/login.php?v=1.0&canvas&next=http%3A%2F%2Fapps.facebook.com
%2Fhistoryradar%2F&api_key=643f14fgg7294eff is not valid.
That error message was in response to a redirect to force authorization if there was no session information on a canvas page request. I knew that the URL was in fact valid since not only was it straight out of the Facebook API documentation, I could cut and paste it into a browser and get the correct response. At first I thought it was an encoding issue (the "next" value needs to be encoded since it's a URL inside a parameter) but it took digging into the standard PHP library to find the real problem:
public function redirect($url) {
if ($this->in_fb_canvas()) {

echo '<fb:redirect url="' . $url . '">';
} else if (preg_match('/^https?:\/\/([^\/]*\.)?facebook\.com(:\d+)?/i', $url)) {
// make sure facebook.com url's load in the full frame so that we don't
// get a frame within a frame.
echo "<script type="\"text/javascript\"">\ntop.location.href = \"$url\";\n";
} else {
header('Location: ' . $url);
}
exit;
}
Right. You don't need a "real" HTTP 302 redirect, you need to send a special snippet of FBML. It's easy to forget that Facebook is its own little Bizarro World until you step just a little outside the approved way of doing things.

[1] No, not "the url is not my son." I mean one with "login.php" and "url" and "not valid" in it somewhere.

You should follow me on twitter here.

3 Comments:

Blogger ofri said...

well, my query was facebook apps 302 redirect url "is not valid"...
and i use python and not php, but my problem was indeed trying to use HTTP-302, instead of fb:redirect...

many thanks.

7:21 AM  
Anonymous Anonymous said...

Great midnight read. Ran into as annoying redirect problem. After reading your blog I wasn't to annoyed. I realize these things happen and there are alternatives ... So thanks

5:46 AM  
Blogger Mitch said...

you're a life saver man...

If anything, I guess learning how to develop Facebook canvas apps is working our "out of the box" thinking.

lol Captcha: doushnes

11:05 AM  

Post a Comment

<< Home