I created a facebook page tab, and tried loading a page generated by the codeIgniter 2.2.1 (CentOS 5.5, PHP 5.3.3).
$config['csrf_protection'] = TRUE;
The following errors occurred.
Error: An Error Was Encountered - The action you have requested is not allowed.
Please see the screenshot Thank you.
I think, This is not CSRF Error. This error is your page request not found. so, please check your path which have you call. and check controller name with "First Letter" Capital. and check load view path. For more information. MORE
ThankYou.
FB it's passing the signed_request
while it's loading your app and doesn't know how you handle your app, or better - doesn't know the CSRF token to pass this back to your app.
Try to disable the CSRF and if it's working you may need to modify this.
I don't have access on a CodeIgniter setup right now, but something like this should work:
if (!$_POST['signed_request'])
{
$config['csrf_protection'] = TRUE;
}
*That's just an example and you can modify it according your app needs/security measures.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.