Skip to main content

JavaScript in Facebook applications

Facebook (finally) allowed Java Script in FB applications outside of IFRAME
http://wiki.developers.facebook.com/index.php/FBJS
Among other things, I liked how elegantly they are creating namespaces separating different applications on the same page. Seems that it cold be a security hole here - it is possible to enumerate java functions on the page and "impersonate" user actions with another apps installed on the same page. Other than that - it's great that we can use JavaScript outside of the IFRAME sandbox.

Comments

Facebook is a really cool application! You are there just for the research, right? :)

Nice blog!
Unknown said…
Thanks for nice comment about the blog:)
For the Facebook, I am writing a custom app and thinking about (may be) some curriculum for a class on Facebook application development.
Angelina said…
I am really inspired when I was writing a custom app and thinking about (may be) some curriculum for a class on Facebook application development.Thanks
Facebook Applications

Popular posts from this blog

Freebase Hack Day

Posting to FaceBook feed using Graph API

Graph API was announced at F8 with a promise to dramatically simplify the FB API. I checked the read access over the new interface during the presentations and to my big surprise it worked flawlessly and from the first time. When I tried https://graph.facebook.com/facebook , JSON-formatted info about the FaceBook page was returned (as expected). Then I tried OAuth 2.0 way of accessing the API to post a message to the feed. And to my even bigger surprise it worked too! Here is what you need to do to access Graph API over OAuth: 1. Create a FB app, store app properties to a file: $appkey = '7925873fbfb5347e571744515a9d2804' ; $appsecret = 'THE SECRET' ; $canvas = 'http://apps.facebook.com/graphapi/' ; 2. Create a page that will prompt user the access permission (I am prompting for the publish_stream and offline_access permissions at the same time) //http://apps.facebook.com/graphapi/ require 'settings.php' ; $url = "https://graph.face...

Respect Coin

Respect I think it's time to talk about currency. Let's create a Respect Coin. Step 1. Install OpenZeppelin library  npm install zeppelin-solidity When it comes to coins, I like to use some functions that smart people already implemented and other smart people verified. I think that Zeppelin is a nice collection of Solidity contracts that can be trusted. Let's use the StandardToken contract and use it as a parent class for our own RespectCoin contract. Step 2. Create RespectCoin contract and store it in "contracts/RespectCoin.sol" file  pragma solidity ^0.4.4; import "../node_modules/zeppelin-solidity/contracts/token/StandardToken.sol"; /** * @title RespectCoin * @dev ERC20 Token example, where all tokens are pre-assigned to th e creator. * Note they can later distribute these tokens as they wish using `transfer` and other * `StandardToken` functions. */ contract RespectCoin is StandardToken { string public constant name = ...