[Facebooker-talk] request_comes_from_facebook
kevin lochner
klochner at gmail.com
Tue Jan 6 20:07:30 EST 2009
In handling the post-authorize callback for fbconnect apps, i'm
running into
a problem with securing the session. It should be handled by
secure_with_fb_params, but request_comes_from_facebook fails due to the
absence of fb_sig_is_ajax or fb_sig_in_canvas in the params hash.
We could modify this function to include fb_sig_authorize as a valid
identifier, as I'm seeing that included in the params in the post-auth
ping.
Before I follow that route, any better ideas?
More information about the Facebooker-talk
mailing list