Rails 3.2.2 Facebook app using Devise and Omniauth redirecting out of iframe on user permissions confirmation

Go To StackoverFlow.com


Heroku hosted Rails 3.2.2 app using Devise and Omniauth.

I'm currently getting the facebook userid via post when opening the app. If the user exists, I automatically log them in and it all works peachy. If they don't, I redirect them to


Which gets "/users/auth/facebook" - and the Facebook 'permissions request' dialog. If the user accepts, OmniauthCallbacksController#facebook is called, which signs the user in and redirects them to the app's home page. But on that last redirect, they are being redirected out of the Facebook iframe.

I'm out of ideas as to why this is taking me out of the iframe. Any suggestions?

Minor correction, I don't ask new users to authenticate automatically. They have to press a button to engage with the site before being asked for permissions.

2012-04-04 02:00
by Adrian Gray
Check your redirect settings for the Facebook app on Facebook page. The settings would be different for dev and prod env's - Jatin Ganhotra 2012-04-04 05:21
If that doesn't help, paste your code here, so that others can have a look at it - Jatin Ganhotra 2012-04-04 05:21
Thanks, but I was trying to save some time for a quick test. I made it do the permissions request in a popup instead of a redirect, and it's working fine now. Shouldn't have tried to cut corners.. - Adrian Gray 2012-04-04 06:02


In your omniauth.rb initializer, put

OmniAuth.config.full_host = "http://apps.facebook.com/canvas_url/"

Trailing / was necessary if I remember correctly.

This should keep you within the Facebook frame.

2012-04-17 17:37
by sbauch