Facebook Authentication: HttpServletResponse.sendRedirect(URL) different to typing the URL directly into browser?

I am trying to redirect my users to the Permission Request page of Facebook, by redirecting them to

https://graph.facebook.com/oauth/authorize?client_id={client_id}&redirect_uri={redirect_uri}&scope={permission_scope}

When I type the Url directly into the browser, it comes to the right page: a dialog appears to ask if the user accept to give permission to my application.

But when I send redirect request b开发者_如何学Pythony server:

response.sendRedirect("https://graph.facebook.com/oauth/authorize?client_id={client_id}&redirect_uri={redirect_uri}&scope={permission_scope}");

It sends the user into a page with a big Facebook Logo. If user click on the logo, it will show the authorization page as normal.

I wonder if I miss a thing or two in my response, which makes the result different to typing directly in a browser. Does anyone have the same problem?

This is because you can't have an application iFrame (on apps.facebook.com) containing a page from the Facebook domain.

You need to use JavaScript to do your redirect:

response.getWriter().println(
   "<script>" + 
   "top.location.href = \"https://graph.facebook.com/oauth/authorize?client_id={client_id}&redirect_uri={redirect_uri}&scope={permission_scope}\"" +
   "</script>"
);