使用Twitter / Facebook时,不安全的JavaScript尝试使用URL访问框架

时间:2012-12-11 04:13:32

标签: javascript twitter cross-domain facebook-javascript-sdk

我正在使用Twitter和Facebook JavaScript SDK构建网站。我试图从网站上发送推特和Facebook的股票。但是当我尝试从我的网站发送推文或Facebook分享时,我收到以下错误:

铬:

Unsafe JavaScript attempt to access frame with URL http://edro.no-ip.org:3000/#_=_ from frame with URL http://platform.twitter.com/widgets/tweet_button.1354761327.html#_=1355186876357&count=none&id=twitter-widget-0&lang=en&original_referer=http%3A%2F%2Fedro.no-ip.org%3A3000%2F%23_%3D_&related=xbox%3AGhostfire%20Games&size=m&text=Check%20out%20this%20fun%20story!%20%23atalltale&url=http%3A%2F%2Fedro.no-ip.org%3A3000%2Fstories%2FiqU9xW1FJI. The frame requesting access set 'document.domain' to 'twitter.com', but the frame being accessed did not. Both must set 'document.domain' to the same value to allow access.

Safari浏览器:

Unsafe JavaScript attempt to access frame with URL http://edro.no-ip.org:3000/ from frame with URL http://platform.twitter.com/widgets/tweet_button.1354761327.html#_=1355197702032&count=none&id=twitter-widget-0&lang=en&original_referer=http%3A%2F%2Fedro.no-ip.org%3A3000%2F&related=xbox%3AGhostfire%20Games&size=m&text=Check%20out%20this%20fun%20story!%20%23atalltale&url=http%3A%2F%2Fedro.no-ip.org%3A3000%2Fstories%2FiqU9xW1FJI. Domains, protocols and ports must match.

这是代码(我只包括相关部分):

<!DOCTYPE html><html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="https://www.facebook.com/2008/fbml">

<head>
    <title>Title</title>
    <link rel="stylesheet" href="/stylesheets/style.css">
</head>

<body>
</body>

<center>
    <h1><a href="/">Page Header</a></h1>
    &nbsp
    <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.5/jquery.min.js"></script>

    <div id="fb-root"></div>

    <script type="text/javascript">

    // Once the Facebook SDK is fully loaded, this callback will be invoked
    window.fbAsyncInit = function()
    {
     FB.init({
      appId: "250634021702621",
      status: true,
      cookie: true,
      channelUrl: '//edro.no-ip.org:3000/channel.html',
     });
     FB.Event.subscribe('auth.statusChange', handleStatusChange);
    };

    // Callback for once we are logged in and authorized
    function handleStatusChange(response) {
     document.body.className = response.authResponse ? 'connected' : 'not_connected';
     if (response.authResponse)
     {
     }
    };

    // Declare a generic SDK loading function
    var loadSDK = function(doc, script, id, src)
    {
     var js, fjs = doc.getElementsByTagName(script)[0];
     if (!doc.getElementById(id))
     { 
      js = doc.createElement(script);
      js.id = id;
      js.src = src;
      js.async = true;                      // Makes SDK load asynchronously
      fjs.parentNode.insertBefore(js,fjs);
     }
    };

    // Twitter SDK loading
    loadSDK(document, 'script', 'twitter-wjs', 'https://platform.twitter.com/widgets.js');

    // Facebook SDK loading
    loadSDK(document, 'script', 'facebook-jssdk', '//connect.facebook.net/en_US/all.js');

    // Facebook callback - useful for doing stuff after Facebook returns.  Passed as parameter to API calls later.
    var myResponse;
    function callback(response)
    {
     if (response)
     {
      // For debugging - can query myResponse via JavaScript console
      myResponse = response;
      if (response.post_id)
      {
      }
      else
      {
       // Else we are expecting a Response Body Object in JSON, so decode this
       var responseBody = JSON.parse(response.body);
       // If the Response Body includes an Error Object, handle the Error
       if(responseBody.error)
       {
       }
       // Else handle the data Object
       else
       {
       }
      }
     }
    }
    // All API calls go here
    $(document).ready(function ()
    {               

     // Post to your wall
     $('#post_wall').click(function ()
     {
      FB.ui(
       {
        method: 'feed',
        // useful if we want the callback to go to our site, rather than the JavaScript, so we can log an event
        redirect_uri: 'http://edro.no-ip.org:3000',
        link: 'http://edro.no-ip.org:3000/stories/{game.id}',
        picture: 'http://fbrell.com/f8.jpg',
        name: 'name',
        caption: 'caption',
        description: 'description'
        // display: 'popup'
       },
       callback
      );
      return false;
     });
    });</script>

    <!-- Tweet code-->
    <a href="https://twitter.com/share" data-lang="en" data-count="none" data-related="xbox:Ghostfire Games" data-text="test" data-url="http://edro.no-ip.org:3000/stories/iqU9xW1FJI" class="twitter-share-button">Tweet</a>

    <!-- Facebook share code-->
    <p id="msg"><a href="#" id="post_wall">Share on Facebook</a></p>
</center>

</html>

1 个答案:

答案 0 :(得分:0)

&#34;域,协议和端口必须匹配。&#34; (旧版本的?)Safari的典型不匹配是http://www.example.comhttp://example.com