我收到了无限量的这条消息(就像在循环中一样)并且它破坏了网站
Rails 4.0.0(使用 Turbolinks)
错误信息
Blocked a frame with origin "https://www.facebook.com" from accessing a frame with origin "http://app.herokuapp.com". The frame requesting access has a protocol of "https", the frame being accessed has a protocol of "http". Protocols must match.
Facebook.js.coffee
fb_root = null
fb_events_bound = false
$ ->
loadFacebookSDK()
bindFacebookEvents() unless fb_events_bound
bindFacebookEvents = ->
$(document)
.on('page:fetch', saveFacebookRoot)
.on('page:change', restoreFacebookRoot)
.on('page:load', ->
FB?.XFBML.parse()
)
fb_events_bound = true
saveFacebookRoot = ->
fb_root = $('#fb-root').detach()
restoreFacebookRoot = ->
if $('#fb-root').length > 0
$('#fb-root').replaceWith fb_root
else
$('body').append fb_root
loadFacebookSDK = ->
window.fbAsyncInit = initializeFacebookSDK
$.getScript("//connect.facebook.net/it_IT/all.js")
initializeFacebookSDK = ->
FB.init
channelUrl : 'http://app.heroku.com/page/fbchannel'
appId : 'MY_ID_HERE'
status : true
cookie : true
xfbml : true
页面 Controller
class PageController < ApplicationController
skip_before_action :authenticate_user!
def fbchannel
cache_expire = 1.year
response.headers["Pragma"] = "public"
response.headers["Cache-Control"] = "max-age=#{cache_expire.to_i}"
response.headers["Expires"] = (Time.now + cache_expire).strftime("%d %m %Y %H:%I:%S %Z")
render :layout => false, :inline => "<script src='//connect.facebook.net/it_IT/all.js'></script>"
end
end
FBlike ( helper )
def fblike(resource, layout = 'standard')
content_tag(:div, "", class:"fb-like", data: {
href: polymorphic_url(resource),
width: "225",
show_faces: false,
stream: false,
show_border: false,
header: false,
layout: layout
}
)
end
最佳答案
很老的问题,但它仍然是开放的 - 所以如果你还没有看到这个答案,Mademoiselle Geek 就在现场。对我的 heroku 应用程序进行快速复查,确认您实际上可以只输入 https: 而不是 http: 并且它会自动接受 SSL 连接 - 无需设置。你唯一需要设置的是在你的 Facebook.js.coffee- 这个部分..
initializeFacebookSDK = ->
FB.init
channelUrl : 'http://app.heroku.com/page/fbchannel'
改成..
initializeFacebookSDK = ->
FB.init
channelUrl : 'https://app.heroku.com/page/fbchannel'
然后,根据您的操作系统(我使用 linux)对
http://app.heroku
进行快速 grep 搜索(或搜索目录中的文件文本)。并将其更改为 https,以确保安全。
关于ruby-on-rails - 阻止原点为 "https://www.facebook.com"的帧访问原点为 "http://myapp.herokuapp.com"的帧,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/17948249/