4

I have a facebook app that uses iframe.

facebook loads my website inside an iframe. When I click a link, my website display an iframe using lightbox to display a facebook login. Everything works fine on ff, ie, chrome. On safari, frame keeps reloading infinitely.

PHP code

$me = null;


$session = $facebook->getSession();

if ($session) {
  try {

     $me = $facebook->api('/me');

     $_SESSION['facebook'] = $me;


  } catch (FacebookApiException $e) {
  }
}

if($me) require_once("logged.php");
else require_once("login.php");

javascript in login.php

window.fbAsyncInit = function() {




    FB.init({
    appId : '<?=$appId?>',
    status : true, // check login status
    cookie : true, // enable cookies to allow the server to access the session
    xfbml : true // parse XFBML
    });

    check_login_session();

    // whenever the user logs in, we refresh the page
    FB.Event.subscribe('auth.login', function() {

        $.browser.safari = ( $.browser.safari && /chrome/.test(navigator.userAgent.toLowerCase()) ) ? false : true;

        window.location.href = window.location.href;
    });


};

any ideas would be appreciated!

Thanks!

Moon
  • 22,195
  • 68
  • 188
  • 269
  • I just found an interesting comment on http://stackoverflow.com/questions/172223/how-do-i-set-cookies-from-outside-domains-inside-iframes-in-safari. I think Broote's solution would work, but I don't understand what he wrote. – Moon Apr 29 '11 at 04:55
  • I found a perfect solution on http://forum.developers.facebook.net/viewtopic.php?pid=257432#p257432 – Moon Apr 29 '11 at 07:01
  • whoever the author is, I will kiss!!!!! – Moon Apr 29 '11 at 07:03
  • I've added the solution! hope it works for u... I had the same issue and was banging my head against the mac for 2 days before I realized the issue! – Tarun Jul 18 '11 at 12:06

1 Answers1

2

If u r still looking for solution then try building P3P headers http://www.p3pwriter.com/LRN_121.asp

usually there is a security issue when setting cookies inside iframe, p3p headers act as an agreement between website and client's computer guaranteeing that the information saved in cookies wont be misused.

quick solution: http://planet.admon.org/how-to-implement-p3p-http-headers-for-cross-site-cookies/

what to do: copy paste this in your header:

<?php
header('P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"')
?>

thats it!

Tarun
  • 5,374
  • 4
  • 22
  • 32