Facebook like error - disabled/not visible - javascript

We've got a number of content managed sites that use the same functionality. We added a site recently, and the Facebook like button is failing with an error on-click (following Facebook login):
This page is either disabled or not visible to the current user.
This only happens when the Facebook user isn't an administrator of the page, or of an application we've created for the page.
The site where this is failing is here: http://beachhousemilfordonsea.co.uk/
An example of a site that works (same code): http://monmouthash.co.uk/
The Facebook like code:
<fb:like href="http://beachhousemilfordonsea.co.uk/" width="380"></fb:like>
Actions already taken
I've checked with the FB Linter and there are a couple of Opengraph warnings that do need to be fixed (add a description, increase the image size) - but these are the same for all sites so should be affecting this (it's on the dev plan to get these rectified in the next release).
I've taken a look at the Facebook App we've got running on the problem page, and checked it against other working applications and the settings are the same as far as I can see, except there are missing options with this new application:
Encrypted access token (assume this is default, not changeable now)
Include recent activity stories
It doesn't feel like the application should have much of an impact on this though, as we use the application for the other functionality within the page (which is all working fine!).
I've searched for possible issues, and checked the more common ones:
There are no age/geographic restrictions
I've submitted 2 requests to Facebook in case the content is blocked, but no response or change
Any recommendations as to what else to try?
Thanks in advance,
Kev
P.S. I asked this question a week ago but it wasn't well formed - hopefully this is a better attempt, but if you need anything else please do let me know.

Related

Issue with editing of Path authentication page

So I have next issue. My app export some images to Path(some social network, as I think), and I use Amazon appstore for sharing my app. But the authentication page of Path, which I fetch in webview has a link to Apple Store and Google Play Market, that's very bad, because of amazon policy disallows such links and I can't publish my app. Here is example of such authentication page - https://partner.path.com/oauth2/authenticate?response_type=code&client_id=1b81bf92642176a90222d90c5ca5c2c6937f4dd7.
First of all, I tried to find some way to edit downloaded page - use javascript to get code of page, delete a link and fetch it back to webview. But after such manipulations webview stop to respond on clicks and I can't log in. I done smth like in this post - Is it possible to get the HTML code from WebView.
So I ask your help guys in next issue - I need working variant of authentication page of Path without any links to any markets.
everybody! It's not possible to edit the page in way it will working correctly after it. So I was forced to delete this function from my app.
Also I have written an email to Path team - they just answered that they don't going to change their authentication page in near future.

Hiding URLs from the location bar

This might be a silly question which I'll delete if I realise, so if you are reading this then I didn't yet figure it out.
I have some software which is online (addressable) and available but it's a bit of a secret, so instead of just hitting my software when you come to my domain, you are shown a blog that I wrote and hidden within that blog is a link ;)
All well and good.
Now the problem is that users of my software always post screenshots which gives my 1/2 secret URL away. EEEEK yep! So I wanted to have the url be just the plain old normal domain, so as not to make things too easy for them hacky types :p
I have full control over everything here. Clientside / Server / Everything. Initially you hit some jsp and then the GWT app (inside of Tomcat) - you have to provide login details in the GWT app. So I have plenty of places to do this URL hiding / faking but any ideas to help would be great.
...and yes I'm posting this (perhaps isn't too dumb)!
Many thanks in advance.
You can use the javascript history.pushState() here
history.pushState({},"Some title here","/")
For example, on http://yourwebsite.com/secretlink.html, after the JS runs, the URL bar will show http://yourwebsite.com/ without having refreshed the page1. Note that if the user refreshes the page they will be taken to http://yourwebsite.com/ and not back to the secret link.
You can also do something like history.pushState({},"Some title here","/hidden.jsp"), so that if the user refreshes the page you can show them an error page that tells them to find the secret link and open it again.
1. If you pushState() some other domain than your own, a refresh will happen so this cannot be abused to phish sites
Include the inner page as an iFrame

Confirm Link Appearing after Clicking Like Button

I just switched to a new host, changed all the information on my Facebook application settings page, and added the Open Graph namespace URL to my HTML element. What's the deal? On my old domain it was working and both accounts are subdomains. The difference between mine and other complaints of similar issues is that likes are not going through for me. Please help. Thanks.
This is Facebook's anti-spam measure. It will go away once people have started like-ing it.
See Facebook Like without Confirm?
This is Facebook's anti-spam measure and It will go away once people have started like-ing it.
One note to people seeing this issue. Majority of the time when you see this and you KNOW you're not phishing for likes, it's mostly likely because your QA team has liked and unliked content multiple times and short amount of time. This behavior sets off facebook's spam flags and thus adds the confirm button.
Hope that helps.

HTML 5 / Site config causing FB block

I created a new website using a newly registered domain.
When trying to share it as a link in Facebook, it is classed as "spammy" and I'm unable to share it.
After a few weeks of research and reporting to FB I copied the site entirely and placed on a new TLD.
This has instantly become blocked on facebook which made me think there's something within the structure of the site which is causing it to be marked as spam.
Using object debugger on the original URL has given a number of various responses such as:
"Error parsing input URL, no data was scraped"
Response code 206
Response code 203
I read that using chrome can bug it out so I used firefox and safari to check.
Does anyone have any idea why the response codes vary for a static site?
Are there any specific site setups which are currently causing FB to block?
I have read that certain .htaccess configs, such as www>non-www can upset FB, is this true?
The sites in question are:
Link 1 (this was intended to be the only domain)
Link 2 (this was setup only when original domain was blocked)
These domain are new, never been used for spamming or mail.
I have checked all the blacklists I could possibly search and have not found anything that indicates problems.
It really does seem that there is something in the configuration of the site that is causing it to be blocked. Does anyone have any idea or experience in this??
I was able to scrape the page correctly using the Debug Lint tool:
http://developers.facebook.com/tools/debug/og/object?q=http%3A%2F%2Fwww.sophie-mcelligott.com%2F
Maybe facebook block newly registered domains for a fixed time before letting you share it on Facebook, presumably to stop spammers. Are you able to scrape both sites correctly?

Workaround to prevent Facebook "Like" cross-domain error?

I've been working on this particular error for a week now, debugging different social buttons and narrowing it down to Facebook in general: every "Like" button I've implemented (HTML5, xfbml, etc.) triggers the same cross-domain scripting error. Basically, Facebook is triggering this error with every iFrame (like below) upon clicking "like":
Unsafe JavaScript attempt to access frame with URL http://mediacdn.disqus.com/1326940420/build/system/def.html#xdm_e=http%3A%2F%2Fwww.vancitybuzz.com&xdm_c=default4311&xdm_p=1& from frame with URL http://www.facebook.com/plugins/like.php?channel_url=https%3A%2F%2Fs-static.ak.fbcdn.net%2Fconnect%2Fxd_proxy.php%3Fversion%3D3%23cb%3Df31a0247d%26origin%3Dhttp%253A%252F%252Fwww.vancitybuzz.com%252Ff3c0eb7e0c%26relation%3Dparent.parent%26transport%3Dpostmessage&extended_social_context=false&href=http%3A%2F%2Fwww.vancitybuzz.com%2F2012%2F01%2Fchinese-new-year-events-2012-vancouver-richmond-burnaby%2F&layout=box_count&locale=en_US&node_type=link&sdk=joey&send=false&show_faces=false&width=90. Domains, protocols and ports must match.
Why this isn't a duplicate: the issue occurs even in the absence of the twitter button and google+ button. it also occurs in every implementation of the "like" button. the symptoms point to a new issue.
Methods attempted: I've tried multiple "versions" of the Like button all with the same issue. It's even conflicting with DISQUS.
Suspects: Pages that do not have any DISQUS code are functioning normally. This variable (output by DISQUS wordpress plugin) is suspect:
var facebookXdReceiverPath = 'http://www.vancitybuzz.com/wp-content/plugins/disqus-comment-system/xd_receiver.htm';
In addition, javascript output by Facebook is also suspect.
See it yourself: Go to http://www.vancitybuzz.com/2012/01/research-in-motion-ceos-resign/ it's likely to change, though.
The Question
Given the information here, does anyone know of a workaround to force out the cross-domain error? Many thanks.
After multiple people have looked into this, including myself, currently there is no workaround for cross-domain errors because Facebook uses iFrames for communication.
This would also apply to the Google Plus button as it stands today.
However, the future looks bright. Google devs (and likely Facebook, too) have confirmed they are working on a new solution.
In the meantime, some people have reported that using Facebook and other widget plugins seem to alleviate the problem in Wordpress-structured sites. No guarantees.
http://mashable.com/2010/05/07/wordpress-facebook-like-buttons/
The Future: I wouldn't be surprised if websockets (and flash ws fallbacks) are used, but I'll leave that to the platform devs

Categories

Resources