Skip to content

Instantly share code, notes, and snippets.

@shavit

shavit/facebook_apps_controller.rb

Created March 15, 2013 16:32
Show Gist options
  • Star 1 You must be signed in to star a gist
  • Fork 1 You must be signed in to fork a gist
  • Save shavit/5171168 to your computer and use it in GitHub Desktop.
Save shavit/5171168 to your computer and use it in GitHub Desktop.
Download ZIP
Facebook page and canvas apps with Rails 4, can lead to a blank white page. In Rails 4, the X-Frame-Options are sets by default, and you should override them, to allow iframes in Rails.
Raw
facebook_apps_controller.rb
class FacebookClubsController < ApplicationController
layout "facebook_canvas"
after_filter :allow_iframe
def index
end
private
def allow_iframe
response.headers["X-Frame-Options"] = "GOFORIT"
end
end
@ksylvest
Copy link

Note:

It is probably a bit safer to whitelist to the facebook domain using:

response.headers['X-Frame-Options'] = "ALLOW-FROM https://www.facebook.com"

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment