Christmas pudding decorated with skimmia rathe...
Christmas pudding decorated with skimmia rather than holly. (Photo credit: Wikipedia)

Today is the last day of my Christmas break and the winter term will officially start tomorrow. I did use my break in a productive way as I mentioned in my post last week. To continue with my exploration, I found out two more things the hard way. So I thought I would share it here so that you guys can probably save some time.

I decided to learn how to make a facebook app. So I registered for a developer account and got my AppID and secret key. I made a word game in php for dermatology and decided to port it to the facebook canvas. The facebook interface asked for the normal application URL and the https URL. Near the https field, it is mentioned that https is a requirement from Oct 11th onwards. Since it is only the beginning of 2014 with a good 10 months to October, I decided to leave the https blank. The form submission was accepted without any problems and I was given a new ‘blank’ canvas.

Despite my best efforts at debugging, the canvas remained perpetually blank. After hours of googling, I found out the bitter truth. The October 11 is not Oct 2014, but Oct 2011 and is over 2 years back! So facebook needs a secure https URL for displaying external apps in the facebook canvas and it is mandatory for the last 2 years. I have no complaints about facebook’s security policies and probably this is a good thing. But why the Oct 11 is still mentioned there without the year, and why the form is getting validated without an https url still!!

The other thing I found out the hard way was the (simple fact 🙂 ) that: Ajax is basically javascript obeying the Same-origin policy. Your backend php script (or any other script) should be on the same server. Again no complaints, but……

Here is my DermGame who could never make it to the facebook, but got a facelift with Ajax. Sorry for the mangled interface and template.

Bell Eapen
Follow Me