ios Facebook发出安全警告:请像对待密码一样对待上面的网址,不要与任何人分享
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/16105113/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Facebook gives security warning: Please treat the URL above as you would your password and do not share it with anyone
提问by iDhaval
I have integrated Facebook with my application to post content. It was working until version 1.2 of the application, but now I am getting a security warning just after login as bellow.
我已将 Facebook 与我的应用程序集成以发布内容。它一直工作到应用程序的 1.2 版,但现在我在如下登录后收到安全警告。
The weird thing about this security warning is that it works for one of my Facebook accounts properly without any warning as previously, but I get this warning with my other account. I have attached a screen shot of the issue:
这个安全警告的奇怪之处在于,它可以像以前一样对我的一个 Facebook 帐户正常工作,没有任何警告,但我的另一个帐户收到了这个警告。我附上了问题的屏幕截图:
采纳答案by iDhaval
After a long time spend on Internet to search this issue. Finally I got the answer about it.
经过很长时间在互联网上搜索这个问题。最后我得到了关于它的答案。
Login to Facebook account> Go to Privacy Setting> Click on Security tag on left sideof Page > then Disable Secure browsing
登录 Facebook 帐户> 进入隐私设置> 点击页面左侧的安全标签> 然后禁用安全浏览
Now Reset your simulator and and then Run application and again login it will work for sure
现在重置你的模拟器,然后运行应用程序并再次登录它肯定会工作
回答by Mansi Panchal
Disabling the secure browsing is not worth , as we cant make all the users to disable secure browsing.
禁用安全浏览是不值得的,因为我们不能让所有用户禁用安全浏览。
I do have resolved.Check my answer here. Escape from Facebook security Warning
我已经解决了。在这里检查我的答案。逃离 Facebook 安全警告
回答by truefish
Short answer is that the problem can be solved if you use your own redirect_uri rather than the standard facebook one. When the access token is returned, the standard www.facebook.com/connect/login_success.html page has a timer which will change the URL possibly before your app can retrieve the access token.
简短的回答是,如果您使用自己的 redirect_uri 而不是标准的 facebook ,这个问题就可以解决。当访问令牌返回时,标准的 www.facebook.com/connect/login_success.html 页面有一个计时器,它可能会在您的应用程序检索访问令牌之前更改 URL。
This problem can occur related to internet latency. We had two customers report issues with this one in Myanmar and one in the UK. No issues for anyone else. Assuming you are authorizing like this:
此问题可能与 Internet 延迟有关。我们有两个客户报告了这个问题,一个在缅甸,一个在英国。其他人没有问题。假设你是这样授权的:
https://www.facebook.com/v2.10/dialog/oauth?client_id=999999999999999&redirect_uri=https://www.facebook.com/connect/login_success.html&response_type=token&scope=user_photos,user_events&display=popup
For the default redirect_uri (https://www.facebook.com/connect/login_success.html), facebook returns the access_token in the parameters of the URL, but the html body for that page contains two timers:
对于默认的 redirect_uri ( https://www.facebook.com/connect/login_success.html),facebook 在 URL 的参数中返回 access_token,但该页面的 html 正文包含两个计时器:
Success <br/>
<b id="warning" style="display: none; color:red">
SECURITY WARNING: Please treat the URL above as you would your password and do not share it with anyone.
See the <a href="http://l.facebook.com/l.php?u=xxxxxxx" target="_blank" data-lynx-mode="hover">Facebook Help Center</a> for more information.
</b>
<script type="text/javascript">
document.domain = 'facebook.com';
if (window == top) {
setTimeout(function () { document.getElementById("warning").style.display = "block"; }, 2000);
}
setTimeout(function () { if (window.history.replaceState) { window.history.replaceState({}, "", "\/connect\/blank.html#_=_"); } }, 2000);
</script>
When either timer fires, it will change the URL which removes the access_token. So as long as you catch that before it changes, everything works. In our case, we were using an embedded browser control under Windows and monitoring the navigated links. As long as the code can receive a navigation event containing the access_token before this timeout occurs, then everything worked. We were never able to determine how latency of the internet connection and possibly some combination of a user's slow computer caused this problem, but this solved it.
当任一计时器触发时,它将更改删除 access_token 的 URL。所以只要你在它改变之前抓住它,一切都会正常。在我们的例子中,我们在 Windows 下使用嵌入式浏览器控件并监控导航链接。只要代码可以在此超时发生之前接收包含 access_token 的导航事件,那么一切正常。我们永远无法确定 Internet 连接的延迟以及可能是用户计算机速度较慢的某种组合是如何导致此问题的,但这解决了它。
In the Facebook Login settings for your facebook app, add your own URIs to the list of Valid OAuth redirect URIs. If you redirect to your own html page, then you can avoid the facebook timeout.
在 Facebook 应用程序的 Facebook 登录设置中,将您自己的 URI 添加到有效 OAuth 重定向 URI 列表中。如果您重定向到自己的 html 页面,则可以避免 facebook 超时。
