Facebook xhr login: Cross-Origin Request Blocked
Question
I have this problem, when I try to log in users on my website through facebook using XHR my request gets blocked, however if I copy the URL of the XHR request and paste it in the browser I get logged in.
So here's a simple schematic:
Why is xhr getting blocked on the same url a browser can access?
1 answers
solution1
6 ACCPTED 2016-08-30 07:51:47
Why is xhr getting blocked on the same url a browser can access?
Because it is a cross-domain request, and as such the remote party would have to allow that request first, which is what is referred to as CORS.
Facebook does not allow its login dialog to be loaded via script from different domains – for the obvious reason that users need to be able to be verify which site they are sending their login credentials to via the browser address bar, to avoid phishing.
You can not load the FB login dialog via XHR/AJAX in the background; you need to call/redirect to it in the top window instance.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.