Facebook gives "Unsafe JavaScript attempt to access frame with URL" error in Chrome

javascript google-chrome facebook

Solution 1:

I've found the solution. If you execute FB.login without user action, webkit blocks the popups.

For instance, I used an invite system on my project. There was a input/text to enter invitation code. I checked the invitation code is available with an ajax/post request. if it is available, I run FB.login(). As you guess, browser blocked popup and tons of errors appeared at js console.

So you must run FB.login() after a user action. I'll put a facebook login button between ajax/post and FB.login(). Users'll have to click it -thats sucks- but they'll not see a problem.

Btw, the problem reoccurs after a few days. I think it's about trust system of browser. When you're developing it, you visit lots of times, browser thinks it's reliable at first. I'm not sure about this part but my solution works.

Solution 2:

In my case it was because of facebook JS loaded multiple times at single page: one for login and second for "like" button. Removing reference in "like" module saves the day.

Solution 3:

Mücahit Yılmaz is correct. Take the example I pasted below and if you use the setTimeout() method it fails, other wise it works. I still get the warning message in a loop until I properly login but it's a small price to pay. I'm sure users won't see it.

$(document).ready(function() {
$("#facebook_link").click(function() {
    //setTimeout(fb);
    fb();
    return false;
});

function fb() {
    FB.getLoginStatus(function(response) {
        if (response.session) {
            // logged in and connected user, someone you know
            gotResponse(response);
        } else {
            // no user session available, someone you dont know
            FB.login(function(response) {
                if (response.session) {
                    // user successfully logged in
                    gotResponse(response);
                } else {
                    // user cancelled login, do nothing
                }
            });
        }
    });
}

function gotResponse(response) {
    console.dir(response);
}

});

It's easy to reproduce: login to facebook in another tab, then try this code and you'll see no warnings. Logout, then try the code and you get the warnings. It's because it hits the .login block.

Related

When to use an auto-incremented primary key and when not to?
Comparison of Priority Queue implementations in Haskell
In Rails when a resource create action fails and calls render :new, why must the URL change to the resource's index url?
Disable Chrome strict MIME type checking
How to list Kubernetes recently deleted pods?
How to stop user agent stylesheets from overriding my css
Advantages of using react-bootstrap over bootstrap
WeakReference/AsyncTask pattern in android
How to annotate Express middlewares with JSDoc?
Benefits of "Use Strict" in JS [duplicate]
Package vs Library
Display DIV at Cursor Position in Textarea [duplicate]