I have a very simple web page that uses the Facebook Javascript API and is installed as a tab on a Facebook page. When the page is loaded, the only thing it does after calling the usual Facebook init code is to listen to auth.authResponseChange and then show/hide various elements depending on whether the user is logged in or not.
If I load this page, via http or https in an ordinary browser session, everything is fine. The page loads reasonably fast.
But if I load the page tab in Facebook, it hangs for about two minutes. Chrome tells me that this wait is due to 'waiting' for my page. But if I watch the access log, I don't see an access request logged until just before the page displays. So it seems like Facebook is masking what is really going on behind the scenes.
I opened a ticket with Facebook, and they replied that this issue was due to my code and reproducible with any POST that contained a signed_response.
After much head scratching and experimentation, I found that adding the following two lines to the view that handles this page fixed it:
if 'signed_request' in request.POST:
pass
So clearly Django 1.3.1 is holding the HTTP session open until you actually read some POST values. Ouch.
Related
My app successfully connects to Facebook using Facebook's Graph API, requests access to the pages I want to post to and redirects back to my app. That works like charm.
My problem is that if I created a new page on Facebook, I cannot add it to my app:
When I try to connect again, Facebook seems to know what I have requested earlier and I'm immediately redirected to my app without the request which pages I want to allow access to.
How to reconnect or what's the normal way to fix that problem?
I use Facebook's PHP Graph SDK 5.7.
#CBroe That didn't work either, but then I've cleared all permissions and chosen to reopen the site selector dialog, chosen all sites and closed, removed the information from my database and reconnected... Now the dialog appeared! Thank you for your help! Helped me a lot!
I am creating an ecommerce webapp and I want to update my admin page when user place order. After research i found out about Django signals, but it seems pretty confusing. The idea behind this is that, when a user places an order I want the admin page to be refreshed and show the latest updates. I tried ajax but javascript can only work with the current open page. Can anyone help me with usibg django signals this way?
I think you misunderstand a little, if your idea is that the admin page viewed by the user in a browser is to be refreshed. The page viewed by a site visitor is retrieved on demand of the browser. The user could refresh a page, or a page script may auto-refresh on a timer (this is not a very good solution, but it is easy).
Django can't make the browser update the page.
Signals can cause django to do something in the backend, but they can't solve the problem that the browser is in charge.
There is one technology designed to allow the server to push content to the browser: websockets.
If you use websockets (Django's fairly recent built-in support is called Channels (https://channels.readthedocs.io/en/stable/)), then you can push content to the browser, where a receiving script on the page will do something with it. This is a very powerful technique, but there is a learning curve of some hours if you are starting from scratch.
Recently I came across this front-end library which tries to make this easy as
far as the browser goes: https://htmx.org/docs/
But you still have to deal with running a websocket server and learning how to send messages to a websocket. You will however feel like a superhero at the end of it, so there's that.
I need to book an appointment on a website. These appointments are released sporadically and booked up quickly. To even see available appointment times, you have to login & complete a reCaptcha. If I wanted to write a scraper using Headless Chrome to continually scrape the site and notify me when a new appointment comes up, following the login flow each time would require beating the reCaptcha, which is at least non-zero difficult.
A better approach (I thought) would be to log in once manually, grab my session cookies, and then load them into Headless Chrome before making a request directly to the appointment times page. The server would see my request, see my session cookies, and respond as if the manually-logged in session had been refreshed. This is pretty much as outlined in the answer to this StackOverflow question: how to manage log in session through headless chrome?
But this doesn't work, and I can't figure out why. I get redirected every time straight back to the login page. I've tried on Chrome & Firefox, and with several other login-requiring websites (Facebook, Reddit, etc.).
How can these servers possibly discern between the original client and the one using copied cookies, when the cookies are what the servers use to identify clients in the first place?
Exact steps to reproduce:
Login to site of your choice on Chrome, let's say Facebook.
Export your cookies to your clipboard from the site using the EditThisCookie Extension
Launch an incognito window (to reset your active cookies) and import those session cookies with the same handy extension.
Navigate to the target, past-the-login-form url.
Get redirected.
Get frustrated.
I'm looking to see some info about my facebook contacts, and I want the info to be overlayed on the currently open website.
Currently, I'm trying to do this via a bookmarklet.
Is it possible for me to overlay a div over the currently open web page and populate it with a functioning facebook login button (if the user is not logged in)? Are there publicly available working examples of something like this?
It is probably not possible to simply embed Facebook within an iframe because Facebook blocks people from embedding their pages within frames or iframes by putting this into the response header, "X-Frame-Options: DENY". This is most likely to prevent click-jacking and similar security exploits.
To test this, enter any page from Facebook into http://savanttools.com/testframe
Facebook has an API which allows you to do many things, but it requires server side code, and can not be done simply with a bookmarklet.
There is also always the brute force method where your server scrapes data from any website you want it to. Then that data could be put into a bookmarklet.
Finally, the same thing could be achieved by writing an add-on or a user script without using a bookmarklet at all.
We're developing a tablet app, and my coworker had a rogue thought:
What if you put a manifest attribute on the html tag of a ColdFusion page? Would it
still work if the user couldn't get to the server?
I think it's lunacy, but I wanted to hear what you guys had to say.
The client side is not aware of how is generated the page. He didn't even know if the page is generated. So, the page is cached like another page.
If you are not connected, the could handle this case with some javascript and alert the user you can't communicate with the server.
You could simply disable the application or work with localStorage etc...