Facebook iframe tab signed request always empty

Question

I\'m working on a Facebook app tab and would like to use the signed request bundle as documented here: http://developers.facebook.com/blog/post/462/

I\'m trying to u

Answer 1

Okay, figured it out! When configuring the app, I had filled in the "Tab URL" to be "tab/" This made the full url to the tab page "http://www.example.com/myfacebookapp/tab/" This made sense to me.

Apparently, Facebook doesn't like this. After changing my "Tab URL" to 'tab/index.php", the signed request started to show up in the app tab!

Answer 2

Once you are Authenticate with Application you will get the signed_request data, Authenticated as like in the below URLs

• https://developers.facebook.com/docs/authentication/
• https://developers.facebook.com/docs/reference/javascript/FB.login/

Answer 3

Thanks Seth I was having the same problem. I could get a signed request on the app canvas page but not of my page tab. For clarification

1. go to www.facebook.com/developers/
2. click on edit settings for your app
3. click the Facebook Integration tab
4. at the bottom in the Page Tabs section in the Tab URL field enter in the path to the index.php page for your facebook landing page

ex. if your page is located at www.foobar.com/facebook/tab/index.php you need to put "tab/index.php" (without the quotes) rather than just "tab/"

Been trying to figure this out for days!

Answer 4

I found a solution: Just put a "/" at the end of the tab url. Like: "http://domain.us/facebook/tab/"

It worked for me, let us know if it also works for you!

Answer 5

Essentially, the problem is that your webserver is performing a redirect when it receives the request. In your case, it's redirecting from http://www.example.com/myfacebookapp/tab/ to http://www.example.com/myfacebookapp/tab/index.php; in my case it was redirecting from http://www.example.com/myfacebookapp/tab to http://www.example.com/myfacebookapp/tab/ (my app is built in .Net MVC, so has no filenames, but needs that trailing slash, apparently).

So the canonical solution is to make sure that the path in the Tab URL field is the actual URL, not one that the webserver will redirect to. If the webserver has to make a redirect, then the real page is fetched by GET (not POST) and no signed_request postdata is provided to your script.

Very frustrating; I just spend an hour and a half debugging why my test app worked and the production one didn't. To make things worse, I knew this answer, it just didn't register that this was what the problem was. Very irritating!