I had an issue recently with a Facebook app (using .Net in the back end) in Safari. Nothing put into the user session was persisting between page loads. The user was authenticated, put into the session, but on the next page bam - gone again.
After doing some checking, I found a few posts that pointed me in the direction of the issue. Turns out that Safari considers the app inside the iframe to be a "third-party" site and therefore doesn't accept the session cookie. More searching turned up a suggestion - open the app site outside of the iframe if you're in Safari so that the cookie can be set.
So that's exactly what I did. During the authentication stage of the app (when dealing with the oauth token and so on), I check to see if the Request.UserAgent contains "Safari" (and not "Chrome"). If so, I redirect to a new view, SafariRedirect which uses a chunk of JavaScript to force my Facebook Authorisation view to open in the top frame.
This view sets the session cookie by putting a dummy value into it, allowing the cookie to exist for the site going forward (including within the iframe).
And that managed to do the trick.
No comments:
Post a Comment