Need help with IFrame based app and Safari

Apr 8, 2010 at 9:24 PM

My problem is that Safari users are not persisting the FB Session information. The reason is because by default Safari doesn't allow to store cookies on a page being served by an iframe whose domain is different than the parent page => Facebook.com has an iframe serving fbapp.yourdomain.com.

Based on my debugging, the toolkit uses cookies to cache the session information, but since the cookies are not being persisted the app thinks the user is not login and redirects the user to the beggining of the app. I can't store the info in session variables because the method LoadCachedSession is called before the UseHttpSession is set to true.

How can I solve this problem?

Apr 8, 2010 at 9:30 PM

in my experience, problems with cookies not being update consistently are at the core of many of the session management issues with Facebook.

The only resolution I've found is to use the new alpha javascript client library, which can operate in a cookieless mode, and to use it to manage obtaining, refreshing, and passing of session info on the client, and then pass it to the .net server side stuff myself.

Apr 8, 2010 at 10:46 PM

can you please elavorate a little more on your solution? How do I use the alpha client library? How do you obtain, refresh and pass session info from the client to the server?

Apr 8, 2010 at 11:59 PM

the alpha javascript client library is at http://github.com/facebook/connect-js

You can get session info a variety of ways using the alpha javascript client library, such as:

 

FB.getLoginStatus(function(response) {
	if (response.session) {
	// logged in and connected user, someone you know
	} else {
	// no user session available, someone you dont know
	}
});

You can stuff the session fields (session key for example) into hidden form fields, and then post them to your page on the server.

I use it in my app, which is based on MVC, to prompt the user for extended permissions, update their session info accordingly, and pass the session info to the server to save it for later use.