Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.Line 403-405 of fb_canvas.module has this:
// Make relative links point to canvas pages.
$patterns[] = "|<a([^>]*)href=\"{$base}|";
$replacements[] = "<a $1 href=\"http://apps.facebook.com/{$_fb_app->canvas}/";
The hardcorded http in the replacement pattern will break your app if being accessed from https://apps.facebook.com/
I'm working on a cleaner solution/patch, but I'm testing this right now:
// Make relative links point to canvas pages.
$patterns[] = "|<a([^>]*)href=\"{$base}|";
if($_SERVER['HTTPS']) {
$replacements[] = "<a $1 href=\"https://apps.facebook.com/{$_fb_app->canvas}/";
} else {
$replacements[] = "<a $1 href=\"http://apps.facebook.com/{$_fb_app->canvas}/";
}
It's ugly as sin, but it seems to be solving the issue for me.
| Comment | File | Size | Author |
|---|---|---|---|
| #3 | fb_protocol.diff | 3.32 KB | Dave Cohen |
Comments
Comment #1
Dave Cohen CreditAttribution: Dave Cohen commentedGood catch. There's some code in facebook's php sdk that does a test like this...
Comment #2
MacRonin CreditAttribution: MacRonin commentedThanks for catching. I was just doing some testing(learning Canvas pages) and getting similar error. (I have HTTPS set as my user's default.)
For most apps it just gives me a warning and asks to temporarily switch to unsecured HTTP. But for my server i can accept either HTTP or HTTPS and route to the same page, so avoiding the warning msg and following switch from HTTPS to HTTP would be great.
BTW I'm on the current DEV version for Drupal - 7
Comment #3
Dave Cohen CreditAttribution: Dave Cohen commentedHere's a patch I'm working with. For D6.
Comment #4
Dave Cohen CreditAttribution: Dave Cohen commentedNo feedback, still I'm committing the patch.