问题
I am building a facebook app currently it is in sandbox mode. My code :-
index.php
<?php
ob_start();
@session_start();
require 'facebook.php';
include_once('config.php');
$facebook = new Facebook(array(
'appId' => APP_ID,
'secret' => SECRET_KEY,
));
$user = $facebook->getUser();
if ($user) {
try {
// Proceed knowing you have a logged in user who's authenticated.
$user_profile = $facebook->api('/me');
} catch (FacebookApiException $e) {
error_log($e);
$user = null;
}
if (!empty($user_profile )) {
# User info ok? Let's print it (Here we will be adding the login and registering routines)
$username = $user_profile['name'];
//echo '->'.$username;exit;
$uid = $user_profile['id'];
$email = $user_profile['email'];
@session_start();
//$_SESSION['id'] = $userdata['id'];
$_SESSION['oauth_id'] = $uid;
$_SESSION['username'] = $username;
$_SESSION['email'] = $email;
$_SESSION['oauth_provider'] = 'facebook';
header("Location: home.php");
?>
<?php
} else {
# For testing purposes, if there was an error, let's kill the script
die("There was an error.");
}
} else {
# There's no active session, let's generate one
$login_url = $facebook->getLoginUrl(array( 'scope' => 'email'));
header("Location: " . $login_url);
}
?>
Here I am checking if the user is login or not if it is a logged in user then redirect to home,php else to login page of facebook.
but when i run my app on facebook it throws error on console :-
Refused to display document because display forbidden by X-Frame-Options because it set 'X-Frame-Options' to 'DENY'
Also I tried this solution but it wont work
回答1:
You can not display the login dialog within any kind of frames – that’s an anti-phishing measure, the user is supposed to be always able to verify that the login dialog they are shown is indeed from facebook.com, and not a fake loaded from any other site.
You have to redirect to it in the top window instance. This can not be done server-side, so you have to use JavaScript:
<script>top.location.href = "…";</script>
回答2:
Instead of header redirect use JS redirect as
<script>top.location.href="THE URL"</script>
来源:https://stackoverflow.com/questions/21823415/facebook-app-error-forbidden-by-x-frame-options