开发者

facebook.com server doesnot suppport RFC 5746

i have integrated facebook in a web system (facebook login and some social plugins like comment box, fb:share, activity plugin etc).

Every thing was working fine. but now a day before yesterday facebook login button and comment box has stopped working only on one page. On other pages it is still working. I have even replaced the code with the code of working pages but all in vain.

When i click on login button no pop up displays and on comment box is displa

The page your requested cannot be displayed.

One thing I have noticed that I have installed web developer tool in Firefox. It is displaying a message error only on that particular page

api-read.facebook.com:server does not support RFC 5746, see CVE-2009-3555.

Other pages where facebook working is fine this message is not present.

The thing that I want to ask first what is this error?

I have searched CVE 299-3555 that it is some 开发者_JAVA百科kind of server problem. is some thing wrong in my code or it is a bug from facebook? If it is problem on my side then why same code on other pages is still working? I just want to ask where is the problem?

Well I have used following code:

<div id="fb-root"></div>
<script>
window.fbAsyncInit = function () {
    FB.init({ appId: "MY APP ID",
        status: true,
        cookie: true,
        xfbml: true
    });

    FB.getLoginStatus(function (response) {
        if (response.session) {
            // HERE I AM SENDING PARAMETER TO LOGIN IN SYSTEM
        } else {
        }
    });
    FB.Event.subscribe("auth.login", function (response) {
        window.location.reload();
    });
    FB.Event.subscribe("auth.logout", function (response) {
        // HERE I AM SENDING PARAMETER TO LOGOUT 
        // FROM THE SYSTEM IS USER LOGOIT"S FROM FACEBOOK
    });
};

(function () {
    var e = document.createElement("script");
    e.src = document.location.protocol + "//connect.facebook.net/en_US/all.js";
    e.async = true;
    document.getElementById("fb-root").appendChild(e);
} ());
</script>


It is a security issue at Facebook's side. But it does not really matter since they transmit most of the sensitive information like the session cookie over plain unencrypted http anyway.

It is not related to your problem.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜