seen from United States
seen from Malaysia
seen from United Kingdom
seen from Malaysia
seen from United States
seen from Brazil
seen from United States
seen from China
seen from Yemen
seen from China
seen from China
seen from Brazil
seen from Hong Kong SAR China
seen from Germany
seen from China
seen from Japan
seen from Malaysia
seen from Japan
seen from Australia
seen from Malaysia
Requiring HTTPS for Facebook Login
Requiring HTTPS for Facebook Login
Originally Published on Developers.facebook.com on June 8, 2018 By Brad Hill
To increase the security of apps and websites using Facebook Login, we’re making an important update for the handling of all Facebook Login access tokens. A new “Enforce HTTPS” setting for Facebook Login is now available in your App Dashboard. When turned on, it requires all Facebook Login redirects to use HTTPS, and…
View On WordPress
Anya is live and ready to show you everything. Watch her strip, dance, and perform exclusive shows just for you. Interact in real-time and make your fantasies come true.
Free to watch • No registration required • HD streaming
Requiring HTTPS for Facebook Login
Requiring HTTPS for Facebook Login
Originally Published on Developers.facebook.com on June 8, 2018 By Brad Hill
To increase the security of apps and websites using Facebook Login, we’re making an important update for the handling of all Facebook Login access tokens. A new “Enforce HTTPS” setting for Facebook Login is now available in your App Dashboard. When turned on, it requires all Facebook Login redirects to use HTTPS, and…
View On WordPress
Ruby version of Facebook's get_facebook_cookie in PHP
Facebook provides an example of Single Sign-on that includes a method of verifying the authenticity of facebook's cookie that is set by their JavaScript SDK. The method is defined as:
<?php define('FACEBOOK_APP_ID', 'your application id'); define('FACEBOOK_SECRET', 'your application secret'); function get_facebook_cookie($app_id, $application_secret) { $args = array(); parse_str(trim($_COOKIE['fbs_' . $app_id], '\\"'), $args); ksort($args); $payload = ''; foreach ($args as $key => $value) { if ($key != 'sig') { $payload .= $key . '=' . $value; } } if (md5($payload . $application_secret) != $args['sig']) { return null; } return $args; } $cookie = get_facebook_cookie(FACEBOOK_APP_ID, FACEBOOK_SECRET); ?>
Here's one for Ruby.
require 'cgi' require 'digest/md5' def get_facebook_params(app_id, app_secret, cookie) # unquote cookie value cookie.gsub!(/^"|"$/, '') # construct key, value pairs params = CGI.parse(cookie) # params contains keys and values of the form # {"session_key" => ["..abcdef.."], "uid" => ["123456789"]} # we need to unwrap each value out of the array into something like this # {"session_key" => "..abcdef..", "uid" => "123456789"} params = Hash[*params.sort.flatten] # take sig out sig = params.delete("sig") payload = '' params.sort.each do |pair| key, value = pair payload = payload + "#{key}=#{value}" end return nil if sig != Digest::MD5.hexdigest(payload + app_secret) return params end
