fb:redirect: redirect forbidden by flavor TabFBMLFlavor

Oct 26, 2008 at 9:35 AM

    Sorry for this newbie question, but I have a simple Hello World application page (FBML) that works when you go directly to the application on facebook, but when I try to load that canvas on the profile tab of a user, facebook spits out this error message:
fb:redirect: redirect forbidden by flavor TabFBMLFlavor
    Per http://forum.developers.facebook.com/viewtopic.php?pid=107030, this is because we are calling require_login instead of get_profile_user? I am not sure how that translates to Facebook.NET (using version 0.3.0).

Any suggestions?
Minh T. Nguyen.
Nov 5, 2008 at 2:11 PM
Hi.  I am experiencing the same issue.  Any update on this?
Nov 11, 2008 at 3:16 PM
Making some headway here: http://forum.developers.facebook.com/viewtopic.php?pid=109593#p109593

Does anyone know to turn off RequireLogin with the FacebookApplication control?
Nov 11, 2008 at 4:41 PM

    I ended up switching to the Facebook Development Toolkit. A few days ago, they released version 2.0, which seems to be pretty stable. I've used that to be able to NOT set RequireLogin=true, so that the redirect won't happen. After that, I am able to put a page as a profile tab.

Hope this helps,
Minh T. Nguyen.
Nov 11, 2008 at 8:47 PM
Ah, that helps!  I converted to Facebook Development Toolkit, and at least now I don't get that ugly error.

However, when I output _fbService.UserId, it spits out blank.  For the profile tab, I'm trying to load user-specific content.  Is the UserID blank b/c by default, RequireLogin=false?

Do you know how I can get the current UserId?  Thanks for your help, Minh!
Nov 13, 2008 at 5:58 PM
Nevermind, got it! - http://www.codeplex.com/FacebookToolkit/Thread/View.aspx?ThreadId=39769

Thanks for the suggestion to switch over to Developer Toolkit.  That solved it!
Jan 4, 2011 at 3:00 PM

You can fix this without choosing to switch to FacebookToolkit

For this, you must set EnableExternalBrowsing="true" then in the PageLoad event, just add this code

            // ask for permission
            string signedRequest = Request.Form["signed_request"];
            if (signedRequest != null)
                signedRequest = signedRequest.Split('.')[1];
                signedRequest = signedRequest.PadRight(signedRequest.Length + (4 - signedRequest.Length % 4) % 4, '=');
                signedRequest = Encoding.ASCII.GetString(Convert.FromBase64String(signedRequest));

                if (signedRequest.Contains("user_id") == false)
                    string script = @"<script>top.location.href='http://www.facebook.com/dialog/oauth?scope=email,user_birthday&client_id=124689440931650&redirect_uri=http%3A//apps.facebook.com/phonematchtest/&response_type=token';</script>";