Using this in my code:
ref.authWithOAuthPopup("facebook", function(error, authData) { ... });
I get the following warning in the bottom of the dialog that appears, for an app that hasn't previously gotten permission to run:
You are using a display type of 'popup' in a large browser window or
tab. For a better user experience, show this dialog with our
JavaScript SDK without specifying an explicit display type. The SDK
will choose the best display type for each environment. Alternatively,
set height and width on your window.open() call to properly size this
dialog if you have special requirements precluding you from using the
SDK. This message is only visible to developers of your application.
I'm assuming that this is a bug in Firebase. Am I wrong?
[Engineer at Firebase] This is working-as-intended. The Firebase API manually configures the display parameters of the Facebook popup to best match the platform and environment that you're using. This warning is shown to the developers of the application, encouraging you to use the Facebook JavaScript SDK rather than the generic OAuth flow.
Note: This warning from Facebook is only shown to the developers listed on the Facebook application, and your end users won't see it.
Related
My application has a payment card section inside of an iFrame. When running tests via TestCafe once the payment card form is submitted the form just gets stuck in 'processing' mode. As I'm trying to debug this issue I see that Chrome is blocking a redirect URL. I've tried to change my Chrome settings to allow all pop-ups but this is not adhered to when running via TestCafe.
So how can I set TestCafe browser to allow all pop-up? Is there a parameter I can pass when starting the test?
Could you send us a simple example of the page that shows the "Redirect blocked" warning when it's opened by TestCafe? This might be helpful for our further research.
As temporary workaround you can consider usage of User Profiles.
The product I work on offers SSO into Office365, through both the web and native, "thick" clients aka rich clients. Part of SSO-ing into an Office365 app, such as Excel for example, involves displaying my product's login page inside of the login popup window inside the thick client. The problem is, only on Windows, I get many JavaScript errors when trying to execute the JavaScript included in our login page (it happens to be using AngularJS, but I suspect many frameworks/libraries would be incompatible). It appears that console is not supported, along with document.body, and many other "essentials".
Does anyone have any knowledge of the DOM and script engines that are used here? The first page shown in the SSO flow is Microsoft's login page where you enter your email address, which then redirects to my product's login page (mapped by domain on the email address), and their page seems to render fine, so clearly it's possible to get HTML and JS to work nice (enough). I'd also take a recommendation on any kind of shim/polyfill that would help me get moving, as well.
After doing some more digging, it looks like I was able to solve my problem by specifying an HTTP Response header of name X-UA-Compatible with value IE=edge, which tells IE to render using the latest document standards. It looked like the web view was originally trying to render using IE7 compatibility mode, which explains why none of my JS was working as intended.
See https://stackoverflow.com/a/6771584/3822733 for more information on X-UA-Compatible, this is the question/answer that helped me solve this problem.
I am integrating Rocket.Chat to our existing web application, which has a large user base. After successfull Rocket.Chat Keycloak integration (SSO), it was decided to inject chat to the existing application using available iframe integration since it allows sending commands for authentication and simplifies Rocket.Chat events handling.
The actual problem is the fact that, iframe integration breaks site navigation, i.e. klicking browser's back button doesn't navigate to the previous page. Possible solutions available on SO are unfortunately not helping.
Any help is much appreciated!
I'm using AngularJs 1.4 with ngFacebook module. I have a similar issue which I have been convinced that can be ignored more about this here.
But the problem here (it had existed, but I didn't noticed it until now) is that avatars which I fetch during my App login process are progressively added to browser cache on each Back<->Forward click on browser's buttons after login. Here is example url: https://scontent.xx.fbcdn.net/hprofile-xla1/v/t1.0-1/c15.0.50.50/p50x50/1379841_10150004552801901_469209496895221757_n.jpg?oh=6bb0a02a85736c3eef0f79cc7f4f652e&oe=5701F533
(This is test user which no more exists) I show the upper full fb url for more clearance.
I just want to prevent accumulating of these images in browser cache.
And may be more important - How did you proceed in such cases, best practice, only using facebook login utilizing fb profile pictures as avatars in my WebApp?
Forgot to mention that I'm using Phaser framework where I load this avatar again, but it already exists in browser cache, because Angular based page already use it in my header bar. I'm confused about that.
PP: Refreshing through browser removes all.
Solution - if you use fb login along with Phaser framework, and use fb user profile as avatar in both Phaser canvas game page and on some Angular page, then don't set this in Phaser preload stage:
this.game.load.crossOrigin = true;
Facebook has its own iframe based code to handle such COR issues.
I'm working on an app built in Titanium that has a few "Tweet about this" buttons. Since I can't use the Javascript part of a Tweet button as described in Twitter API, I just use a plain URL with parameters.
On Android, this causes problems. When users click this link, they get a choice how to open it: always the native browser, and additionally any app that has registered for this kind of link. So if the user has the Twitter app installed, Twitter will be shown as one of the options.
That would be great, except the Twitter app is awful. Most types of suggest-a-tweet URL cause the app to crash, and the few that do work don't pass the status text.
I'm looking for a way to force the URL to be opened by the native browser. (Or way to prevent the Twitter app from being among the options presented to the user, but that seems harder to do)
Is this possible using only the URL itself, or maybe a little Javascript? Since I'm using Titanium, Java won't help me.
I can't give you what you want but give you an alternative suggestion.
What you are trying is hard (often impossible to do without errors) even with native code as your trying to work against the OS. Intents are used in android as a way to let the user decide which program should handle a certain request. If you don't want the user to take this decision I'd suggest opening the url in a embedded browser.