https://developers.facebook.com/docs/authentication/signed_request/ states that the JSON part of the signed request is base64url encoded. Without this fix, decoding signed requests containing _ or - characters leads to garbled strings and JSON parsing fails subsequently.
…t_name are not populated without a call to fetch first
…ler.oauth2_fetch_client_and_user_from_cookie. CGI.escape throws a gsub exception when nil is passed.
…y setting width of the fb_server_fbml rendered iframe (only way which works)
Had a case where the cookie key was set, but the value was a blank String, which raised an error. Now, the error is gone and the user is not authenticated.