I've found the solution. If you execute FB.login without user action, webkit blocks the popups.

我找到了解决方案。如果您在没有用户操作的情况下执行 FB.login，webkit 会阻止弹出窗口。

For instance, I used an invite system on my project. There was a input/text to enter invitation code. I checked the invitation code is available with an ajax/post request. if it is available, I run FB.login(). As you guess, browser blocked popup and tons of errors appeared at js console.

例如，我在我的项目中使用了邀请系统。有一个输入/文本来输入邀请码。我检查了邀请码是否可用于 ajax/post 请求。如果可用，我运行 FB.login()。如您所料，浏览器阻止了弹出窗口，并且在 js 控制台上出现了大量错误。

So you must run FB.login() after a user action. I'll put a facebook login button between ajax/post and FB.login(). Users'll have to click it -thats sucks- but they'll not see a problem.

因此，您必须在用户操作后运行 FB.login()。我将在 ajax/post 和 FB.login() 之间放置一个 facebook 登录按钮。用户必须点击它——这很糟糕——但他们不会看到问题。

Btw, the problem reoccurs after a few days. I think it's about trust system of browser. When you're developing it, you visit lots of times, browser thinks it's reliable at first. I'm not sure about this part but my solution works.

顺便说一句，问题在几天后再次出现。我认为这是关于浏览器的信任系统。当你开发它时，你访问了很多次，浏览器一开始认为它是可靠的。我不确定这部分，但我的解决方案有效。

In my case it was because of facebook JS loaded multiple times at single page: one for login and second for "like" button. Removing reference in "like" module saves the day.

就我而言，这是因为 facebook JS 在单个页面上加载了多次：一个用于登录，第二个用于“喜欢”按钮。删除“like”模块中的引用可以节省一天。

Mücahit Y?lmaz is correct. Take the example I pasted below and if you use the setTimeout() method it fails, other wise it works. I still get the warning message in a loop until I properly login but it's a small price to pay. I'm sure users won't see it.

Mücahit Y?lmaz 是正确的。以我在下面粘贴的示例为例，如果您使用 setTimeout() 方法它会失败，否则它会起作用。在我正确登录之前，我仍然会循环收到警告消息，但这是一个很小的代价。我相信用户不会看到它。

$(document).ready(function() {
$("#facebook_link").click(function() {
    //setTimeout(fb);
    fb();
    return false;
});

function fb() {
    FB.getLoginStatus(function(response) {
        if (response.session) {
            // logged in and connected user, someone you know
            gotResponse(response);
        } else {
            // no user session available, someone you dont know
            FB.login(function(response) {
                if (response.session) {
                    // user successfully logged in
                    gotResponse(response);
                } else {
                    // user cancelled login, do nothing
                }
            });
        }
    });
}

function gotResponse(response) {
    console.dir(response);
}

});

});

It's easy to reproduce: login to facebook in another tab, then try this code and you'll see no warnings. Logout, then try the code and you get the warnings. It's because it hits the .login block.

重现很容易：在另一个选项卡中登录 Facebook，然后尝试此代码，您将看不到任何警告。注销，然后尝试代码，您会收到警告。这是因为它击中了 .login 块。

In my case the problem was related to <div id="fb-root"></div>tag. I wasn't putting it immediatly after the opening <body>tag, as recommended by the docs.

就我而言，问题与<div id="fb-root"></div>标签有关。我没有按照文档的建议立即将它放在开始<body>标签之后。

After putting it in the right place, the "Unsafe JavaScript..." error stopped.

将它放在正确的位置后，“不安全的 JavaScript...”错误停止了。

Removing the 'xfbml : true' option from my FB.init call fixed this for me.

从我的 FB.init 调用中删除 'xfbml : true' 选项为我解决了这个问题。

I was having the problem in the default internet browser on Android Jelly Bean

我在 Android Jelly Bean 上的默认互联网浏览器中遇到了问题

And in my case the problem was related to type of protocol: from:

就我而言，问题与协议类型有关：来自：

<div class="fb-like-box" data-href="https://www.facebook.com/xxxxxx"

to:

到：

<div class="fb-like-box" data-href="http://www.facebook.com/xxxxxx"

as my web store didnt use https I removed 's' from data-href attribute of the likebox.

由于我的网上商店没有使用 https，所以我从 likebox 的 data-href 属性中删除了“s”。

I had this problem with a chrome browser and it was due to my chrome settings. I had the browser set to disallow 3rd parties sites from setting cookie data. Allowing Pop-ups was not an issue for me. When the facebook iFrame is created it must set a cookie that it then uses to track if the user needs to login. If that cookie isn't allowed to be set then the site fails. One thing that would be useful in the facebook api would be a setting that shows when something is failing. I do not see that as an event that one can subscribe to and assign a callback.

我在使用 chrome 浏览器时遇到了这个问题，这是由于我的 chrome 设置造成的。我将浏览器设置为禁止 3rd 方网站设置 cookie 数据。允许弹出窗口对我来说不是问题。创建 facebook iFrame 时，它​​必须设置一个 cookie，然后使用该 cookie 来跟踪用户是否需要登录。如果不允许设置该 cookie，则站点将失败。在 facebook api 中有用的一件事是设置显示何时出现故障。我不认为这是一个可以订阅和分配回调的事件。

Here is a link to the FB javascript sdk on subscriptions. Any response on finding a callback for failed requests would be appreciated.
https://developers.facebook.com/docs/reference/javascript/FB.Event.subscribe/

这是关于订阅的 FB javascript sdk 的链接。任何有关为失败的请求找到回调的响应都将不胜感激。
https://developers.facebook.com/docs/reference/javascript/FB.Event.subscribe/

Mücahit Y?lmaz's solution worked for me, as well. I didn't need to access the user's information, so I removed the login script from the sample app. Also removed the Welcome message and any information requiring info stored in the $basicvariable.

Mücahit Y?lmaz 的解决方案也对我有用。我不需要访问用户的信息，所以我从示例应用程序中删除了登录脚本。还删除了欢迎消息和任何需要存储在$basic变量中的信息的信息。