FaceBook JS SDK: callback functions on “Captive Portal Login” android browser are never called



  • Writing some JS code for my HotSpot network. The idea is: user is connecting to my wireless access point after which he will be transferred to my HotSpot login page. The page contains FaceBook share button which gives an access to internet after successful post sharing on his FaceBook page by calling a callback function passed as parameter of FB.ui function. When I tested this by my Android device which uses "Captive Portal Login" browser to redirect to the login page I found a problem: passed callback functions are never called by SDK on this browser. I have tested separately both "FB.ui" function and "FB.login" function: passed callback functions are never called. When i use "chrome" browser on my Android - it works fine! But I need this to work on "Captive Portal Login" browser because this is a public network and I can't force all connected Android devices to use chrome. Any solutions? Thank You!

    Here is the required part of my code:

    <head>
        <script async defer crossorigin="anonymous" src="https://connect.facebook.net/en_US/sdk.js"><script>
    </head>
    
    <script>
        $(function () {
            session.FB_async_init();
        })
    
    
        var session = {
    
            FB_async_init: function () {
                window.fbAsyncInit = function () {
                    FB.init({
                        appId: '*my app Id*',
                        autoLogAppEvents: true,
                        xfbml: true,
                        version: 'v8.0'
                    });
                };
            },
    
            FB_post_feed: function () {
                FB.login(function(loginResponse) {     /*here is the login callback which is never being called*/
                    FB.ui({
                        method: 'feed',
                        display: 'touch',
                        link: '*my share link*',
                    }, function(feedResponse) {
                        *code of the callback function. Also is not being called even the FB.ui function used separately*
                    })
                })
            }
    
        }
    
    </script>
    
    <body>
        <div>
            <img class="facebook-share-button" src="~/img/fbshare.png" onclick="session.FB_post_feed()" />
        </div>
    </body>
    

    P.S. Directly shares and login work fine! Only callback functions are not called



  • Hi,

    You said : "never called", and also "called when using ...".
    If a function is used, or called, can be determined using the browser "dev" functionalities, or whatever you use to develop your scripts.

    Can this be true : the callback won't work ... because the URL(s) used are simply not accessible because net authenticated yet ?

    The good news :
    You should 'white list' these addresses using :

    a8797b43-fadd-484e-be62-0976f50d7ce7-image.png

    The bad list :
    Many tried, and they all failed (died) : You can not white list ......facebook.com. Or google.com, twitter, etc etc etc.

    The "Allowed hostnames" is meant to be used to a host name that resolves to a - one- A or AAAA record, not some big list.

    A firewall rule can not contain a host name, it can only work with IP addresses. So, the host names you use, like connect.facebook.net will get resolved (every xxx minutes) to an - ONE ! - IP address.
    Or, facebook uses many - thousands of IP addresses for the same domain and host names, as they have many servers running all around the word.

    So, are you lucky, and the host name resolves to one (2 ?) IP's : then it will work.
    If not, try to get your hands on all the IP's involved and enter them directly. And check them ones in a while, as the usage of the big operators on the net is like moving sable.

    edit :

    This starts bad, as a cdn is used : so "connect.facebook.net" will produce a random A or AAAA out of a big list, and it changes.

    [2.4.5-RELEASE][admin@pfsense.local.net]/root: host connect.facebook.net
    connect.facebook.net is an alias for scontent.xx.fbcdn.net.
    scontent.xx.fbcdn.net has address 179.60.192.7
    scontent.xx.fbcdn.net has IPv6 address 2a03:2880:f01f:6:face:b00c:0:3

    So, for me, now it's 179.60.192.7 - and when the sdk connect server gets updated, they prepate another server, add the IP of the new server to the CNAME list, take it up, and shut down 179.60.192.7.
    Work load rises ?They activate more servers ? It lowers ? They stop some.
    Etc.



  • @Gertjan said in FaceBook JS SDK: callback functions on “Captive Portal Login” android browser are never called:

    The "Allowed hostnames" is meant to be used to a host name that resolves to a - one- A or AAAA record, not some big list.

    Thank you for you answer but..
    I use MikroTik router in which I can put all domain hosts in "Walled Garden" and it works even with dynamically changing ip addresses.

    026b5938-2d15-4799-b945-166c324d0212-image.png

    Anyway - when I connect to HotSpot network and my Android automatically opens my login page (btw which is hosted remotely on Amazon AWS server) using CaptivePortalLogin app (browser used by Android OS only after connecting to Wireless acess point which requires entry using HotSpot login page) I can collapse the page before I implement login (the login process remains pending and I only have access to domains from Walled Garden list) and open this page in Chrome browser - all callbacks in my code are called after sharing. So my conclusion - the problem is not with firewall - only with CaptivePortalLogin app.

    Unfortunately I don't know any ways to open any developer panel using CaptivePortalLogin app on my Galaxy A70 device so I can't debug my code on this device. Btw I can use my laptop for tests and open dev panel on desktop chrome on it but in this case I do not get any errors - everything work fine on it. Need any solution to make CaptivePortalLogin app work OR force open chrome using JS on Android devices.



  • Wait ....
    Are you using the pfSense captive portal ?

    The "hotspot" image tells me (it's not pfSense) that this "Walled garden" uses a lot allowed domains (or IP's).

    Testing an Phone's App is something that ... well, I guess it's possible, but this goes beyond my knowledge.



  • @Gertjan Thank you. I'll try to find right web-portal to ask my question than. Have asked this on StackOverflow but I am still ignored there ))