Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Redirect URI - How to remove "#_=_" from Facebook Redirect? #12

Closed
niftylettuce opened this issue May 24, 2012 · 35 comments
Closed

Redirect URI - How to remove "#_=_" from Facebook Redirect? #12

niftylettuce opened this issue May 24, 2012 · 35 comments

Comments

@niftylettuce
Copy link
Contributor

@niftylettuce niftylettuce commented May 24, 2012

UPDATE: See this comment towards end of this issue comment thread for the latest version of the fix for this issue.


Not sure how to fix this, since there isn't an immediate answer as to how to set the redirect URI.

Found this on SO: http://stackoverflow.com/questions/7693663/remove-from-the-facebook-redirect-url.

Also this will help to provide context: https://developers.facebook.com/bugs/196125357123225.

@niftylettuce
Copy link
Contributor Author

@niftylettuce niftylettuce commented May 24, 2012

Here was my fix using Modernizr (with alternative in comments) ...

// Remove the ugly Facebook appended hash
// <https://github.com/jaredhanson/passport-facebook/issues/12>
if (window.location.hash && window.location.hash === "#_=_") {
  // If you are not using Modernizr, then the alternative is:
  //   `if (window.history && history.pushState) {`
  if (Modernizr.history) {
    window.history.pushState("", document.title, window.location.pathname);
  } else {
    // Prevent scrolling by storing the page's current scroll offset
    var scroll = {
      top: document.body.scrollTop,
      left: document.body.scrollLeft
    };
    window.location.hash = "";
    // Restore the scroll offset, should be flicker free
    document.body.scrollTop = scroll.top;
    document.body.scrollLeft = scroll.left;
  }
}
@niftylettuce
Copy link
Contributor Author

@niftylettuce niftylettuce commented May 24, 2012

I'll add this to the Readme since this is a common problem due to Facebook's current bug.

jaredhanson added a commit that referenced this issue May 28, 2012
Added note regarding Facebook's bug with window.location.hash for issue #12
@niftylettuce
Copy link
Contributor Author

@niftylettuce niftylettuce commented May 31, 2012

Thanks!

@arxpoetica
Copy link

@arxpoetica arxpoetica commented Mar 17, 2014

FYI: it's actually better to use window.history.replaceState('', document.title, window.location.pathname); if you don't want the #_=_ bug to remain in the history.

@niftylettuce
Copy link
Contributor Author

@niftylettuce niftylettuce commented Mar 31, 2014

@arxpoetica thanks, how does this look? /cc @jaredhanson (do we need to update docs?)

// Remove the ugly Facebook appended hash
// <https://github.com/jaredhanson/passport-facebook/issues/12>
if (window.location.hash && window.location.hash === "#_=_") {
  // If you are not using Modernizr, then the alternative is:
  //   `if (window.history && history.replaceState) {`
  if (Modernizr.history) {
    window.history.replaceState("", document.title, window.location.pathname);
  } else {
    // Prevent scrolling by storing the page's current scroll offset
    var scroll = {
      top: document.body.scrollTop,
      left: document.body.scrollLeft
    };
    window.location.hash = "";
    // Restore the scroll offset, should be flicker free
    document.body.scrollTop = scroll.top;
    document.body.scrollLeft = scroll.left;
  }
}
@arxpoetica
Copy link

@arxpoetica arxpoetica commented Apr 1, 2014

Yup. That's what I did in my app.

@niftylettuce
Copy link
Contributor Author

@niftylettuce niftylettuce commented Apr 14, 2014

@jerone why'd you remove your comment? how about this /cc @arxpoetica

// Remove the ugly Facebook appended hash
// <https://github.com/jaredhanson/passport-facebook/issues/12>
(function removeFacebookAppendedHash() {
  if (!window.location.hash || window.location.hash !== '#_=_')
    return;
  if (window.history && window.history.replaceState)
    return window.history.replaceState('', document.title, window.location.pathname + window.location.search);
  // Prevent scrolling by storing the page's current scroll offset
  var scroll = {
    top: document.body.scrollTop,
    left: document.body.scrollLeft
  };
  window.location.hash = "";
  // Restore the scroll offset, should be flicker free
  document.body.scrollTop = scroll.top;
  document.body.scrollLeft = scroll.left;
}());
@arxpoetica
Copy link

@arxpoetica arxpoetica commented Apr 15, 2014

Word.

@jerone
Copy link

@jerone jerone commented Apr 15, 2014

@jerone why'd you remove your comment?

Because I posted exactly what the comment already noted, which I stupidly saw after posting.

// If you are not using Modernizr, then the alternative is:
//   `if (window.history && history.replaceState) {`
@pedramphp
Copy link

@pedramphp pedramphp commented Oct 22, 2014

I can't believe that facebook hasn't fixed this issue, yet.
But thanks for the fix Guys.

costa added a commit to costa/fb-crush that referenced this issue Oct 30, 2014
@grabbou
Copy link

@grabbou grabbou commented Nov 3, 2014

I am not sure if that's a Facebook issue @pedramphp.

https://developers.facebook.com/blog/post/552/

This week, we started adding a fragment #= to the redirect_uri when this field is left blank. Please ensure that your app can handle this behavior.

@arcanis
Copy link

@arcanis arcanis commented Dec 21, 2014

The fragment is added even when the redirect_uri is not blank (actually, it doesn't work anyway without the redirect_uri parameter, as far as I can see) ... :(

And Facebook seems to have removed the bug, so it's great.

Could this hash be removed from passport side ? : /

@arcanis
Copy link

@arcanis arcanis commented Dec 21, 2014

I've found another Facebook bug about this, which heavily implies that :

  • The bug is actually the blog post description
  • It will never be fixed
  • It is made to force-kill the hash

I think that node-passport should support this and drop the hash altogether, since its only purpose is to prevent the previous one from being transmitted.

@k-j-kleist
Copy link

@k-j-kleist k-j-kleist commented May 16, 2015

@arcanis: +1

@yozaira
Copy link

@yozaira yozaira commented May 21, 2015

Thanks for the fix, guys! It was driving me crazy

@m3commish
Copy link

@m3commish m3commish commented Jul 1, 2015

Where do I place the code?

// Remove the ugly Facebook appended hash
// #12
(function removeFacebookAppendedHash() {
if (!window.location.hash || window.location.hash !== '#=')
return;
if (window.history && window.history.replaceState)
return window.history.replaceState("", document.title, window.location.pathname);
// Prevent scrolling by storing the page's current scroll offset
var scroll = {
top: document.body.scrollTop,
left: document.body.scrollLeft
};
window.location.hash = "";
// Restore the scroll offset, should be flicker free
document.body.scrollTop = scroll.top;
document.body.scrollLeft = scroll.left;
}());

@ghost
Copy link

@ghost ghost commented Jul 27, 2015

When user try to log in with FB, then I redirect him to my web url "/fb", but this code is clear my "/fb" get param...

@BjarniLeifs
Copy link

@BjarniLeifs BjarniLeifs commented Aug 4, 2015

I had this problem and tried a lot of things.

How ever when I added website and hit quick start in the app (in website title bar on app site)
I saw : Setup the Facebook SDK for JavaScript

They said to put it after body and So I did.

window.fbAsyncInit = function() {
FB.init({
appId YOUR_APP_ID,
xfbml : true,
version : 'v2.4'
});
};

(function(d, s, id){
var js, fjs = d.getElementsByTagName(s)[0];
if (d.getElementById(id)) {return;}
js = d.createElement(s); js.id = id;
js.src = "//connect.facebook.net/en_US/sdk.js";
fjs.parentNode.insertBefore(js, fjs);
}(document, 'script', 'facebook-jssdk'));

Everything worked after what ..

Since I'm using jwt and not session I had to add in the callback

app.get('/auth/facebook/callback', passport.authenticate('facebook', {
session: false,
successRedirect : '/',
failureRedirect : '/login'
}));

Now I get the information from Facebook but some variable's undefined, but it is step forward.

Hope this works for you too :)

@Globik
Copy link

@Globik Globik commented Oct 11, 2015

Епт, на дворе 2016 год, а до сих пор не исправили баг.

@cadilhac
Copy link

@cadilhac cadilhac commented Feb 17, 2016

@niftylettuce For completeness, it would be good to add the query string to the url rewrite:

return window.history.replaceState("", document.title, window.location.pathname + window.location.search);

@niftylettuce
Copy link
Contributor Author

@niftylettuce niftylettuce commented Feb 20, 2016

done @cadilhac

@rubilnik89
Copy link

@rubilnik89 rubilnik89 commented Jun 30, 2017

Епт, на дворе середина 2017 года, а до сих пор не исправили баг.

@Globik
Copy link

@Globik Globik commented Jun 30, 2017

А и не говори.

@vtrykoz
Copy link

@vtrykoz vtrykoz commented Dec 21, 2017

ёпт, на дворе начало 2018 года, а до сих пор не исправили баг.

@Globik
Copy link

@Globik Globik commented Dec 22, 2017

Баг не баг, а не покую ли как строка выглядет? Пить, есть не просит. Ее преобразовать можно с помощью windows.history или что-то в этом роде. Да мне просто лень это делать, да и не во всех браузерах сиё работает.

@Globik
Copy link

@Globik Globik commented Dec 22, 2017

Че интересно так history.replacestate в файерфоксе почему-то не возымеет никакого действия, в ие не пробовал. В хроме отлично работает, на ура.

@codekote
Copy link

@codekote codekote commented Jul 17, 2018

2018... still

@Globik
Copy link

@Globik Globik commented Jul 17, 2018

@vtrykoz середина 2018-го уже.

@vtrykoz
Copy link

@vtrykoz vtrykoz commented Jul 17, 2018

@Globik и не говори

@luisvallejomohl
Copy link

@luisvallejomohl luisvallejomohl commented Jul 18, 2018

The answer is:

if(location.hash = '#_=_'){
location.href = location.href.split('#')[0];
}; 
@Reg0804
Copy link

@Reg0804 Reg0804 commented Jan 15, 2019

На дворе начало 2019, до сих пор не исправили баг! 😱

@b1acksun
Copy link

@b1acksun b1acksun commented Mar 4, 2020

Март 2020, до сих пор не исправили баг!

@vtrykoz
Copy link

@vtrykoz vtrykoz commented Mar 4, 2020

Еще пару годиков и багу исполнится десятилетие

@TokerX
Copy link

@TokerX TokerX commented Sep 12, 2020

The answer is:

if(location.hash = '#_=_'){
location.href = location.href.split('#')[0];
}; 

Haha, no it's not. This will put you in an infinite loop. ;)
It should be if(location.hash === '#='){

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
You can’t perform that action at this time.