HTTPS Migration – a tip for you if PHP SDK failed in your environment

Have you started working on OAuth 2.0 and HTTP migration for your Facebook applications? It is not difficult actually but still you need to test it out.  The major issue is probably to handle the external references (e.g. loading remote javascript, image files etc).

At the application level, while handling the HTTPS migration for our Facebook application, one of the common tasks that we need to handle is to detect the current protocol used.

This is required in cases like where you need to do a explicit redirection.  You also need to specific the proper redirect_uri when handling authentication.

For people using PHP, if you google for that, you will probably simply come up with the following code,

$protocol = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') ? 'https://' : 'http://';

This works fine in most of the common environment.  However, if you are using load balancers or reverse proxies, then the above common may fail.  In such a case, you may try to use the following code,

if (isset($_SERVER['HTTPS']) && ($_SERVER['HTTPS'] == 'on' || $_SERVER['HTTPS'] == 1) ||
    isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && 
    $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https' ) {
   $protocol = 'https://';
} else {
   $protocol = 'http://';
}

This is actually one of the recent pull request committed to the PHP SDK recently.

This entry was posted in Development Tips, PHP SDK Demystified and tagged . Bookmark the permalink.

One Response to HTTPS Migration – a tip for you if PHP SDK failed in your environment

  1. Pingback: Another Facebook Canvas App HTTPS migration tip | Wing's Blog on Facebook Development & Virtualization

Leave a Reply

Your email address will not be published. Required fields are marked *