stackoom
  简体   繁体   中英

Facebook “Like” button not “liking” content inside secured folder?

 原文  2011-02-22 07:17:40       facebook/ facebook-like/ authentication

Question

I am implementing the facebook "Like" button. works all fine with 

    <fb:like 
href="http://www.thismydomain123.com/IlikeThisPage.php?id=123" 
layout="standard" 
show_faces="false" 
width="450" 
action="like" 
colorscheme="light" />

But having sharable content placed in a secured folder, won't do (accessing the folder directly would prompt "The http://www.thismydomain123.com at mySecureFolder requires a username and password..."): 

<fb:like 
href="http://www.parisgallery.com/mySecureFolder/IlikeThisPage.php?id=123" 
layout="standard" 
show_faces="false" 
width="450" 
action="like" 
colorscheme="light" />

So, is there a way to authenticate or any other preferable solution for this?

thanks a lot,
Steilflug

1 answers

solution1
 6  2011-05-15 00:08:21

In short, no there is not a solution that would both work and be secure. When a user clicks the 'like' button on a page, Facebook pings your page from its own servers in order to get images and text to display on your news feed (see Why does Facebook appear in my server logs? ). The trick is to let Facebook pings in but block all other traffic that isn't authenticated.

Facebook pings using the user agent facebookexternalhit/1.0 (+http://www.facebook.com/externalhit_uatext.php) . If you aren't too concerned about security you could allow access to your pages for any agent using that user agent string. It's important to note, however, that this is entirely insecure because any agent can change their user agent string on their own accord. Facebook also offers no guarantee that their user agent string won't change so this method could stop working at any moment.

Another option would be to simply allow anyone on a Facebook IP address access without authentication. This would work assuming Facebook is consistent about the IPs that it pings from, but again there is no guarantee on this front. This is also potentially insecure if you only want some Facebook features and/or employees to be able to see your content without validation or if Facebook releases their ownership of those IP blocks.

I suppose your real problem is that you're trying to have content that is at the same time both protected and sharable which is a sort of a paradox. The only true solution to this problem would be to allow anyone read access to your content.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question facebook like button liking wrong url Facebook like button liking too much Facebook like button is liking wrong url Facebook Unity SDK how to add like button for (for liking Facebook page)? Using like button plugin for liking a photo hosted on facebook Facebook-like button as an overlay to have cross-network liking? Facebook like not liking the proper page Facebook like button - like content facebook inside like button Facebook like box, liking specific url
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM