the most awesome guy ever.

The Blog of Darryl E. Clarke

  Random musings from a jaded coder who just needs a hug.

Posts Tagged ‘facebook’

Allowing the Facebook Debugger through nginx’s auth_basic

Friday, March 29th, 2013

In my prior post, Allowing the Facebook Debugger through .htaccess, I showed how you could do just that. But, as time goes on, I spend more and more time with nginx and I need to adapt my rules.

So, today, I decided I should do the exact same thing with nginx. All of the dev sites I work on are generally password protected with a standard auth_basic setup. This is great, keeps the robots out and prying eyes away. But it’s always an issue when you need to test sharing and other external scrapers.  As it turns out, doing so with nginx is just as simple as it was with Apache.

My initial ‘location’ block was a simple configuration:

location  /  {
  auth_basic            "Restricted";
  auth_basic_user_file  htpasswd;

  if (!-e $request_filename) {
    rewrite ^(.+)$ /index.php last;
  }
}

To allow Facebook debugger through the simple auth_basic was as easy as adding an if check and a secondary ‘location’ rule.

location  /  {
  error_page 418 = @allowed;

 if ($http_user_agent ~* facebookexternalhit) {
         # bypass httpauth.
        return 418;
  }
  auth_basic            "Restricted";
  auth_basic_user_file  htpasswd;

  if (!-e $request_filename) {
    rewrite ^(.+)$ /index.php last;
  }
}

location @allowed {
if (!-e $request_filename) {
              rewrite ^(.+)$ /index.php last;
 }
}

The first thing added was a rule for nginx to understand what I mean when I say ‘return 418’ – this is the http response code for “I’m a teapot” The if block simply checks if it’s a known facebook agent, and the third block is a custom location that strips out the authentication requirements.

It’s generally fairly simple the concept and can be applied to any other external scrapers that you may need.

Tags: , , ,
Posted in Security

Allowing the Facebook Debugger Through .htaccess

Thursday, November 1st, 2012

Here’s a short story; When I develop Facebook web apps, I do it under a password protected development site. Facebook hates this. It complains that it can’t reach urls, it can’t get meta data, it can’t do this, it can’t do that. The downside to not having a password is the fact that anybody can hit the site. (sandboxing is almost useless, these days.)

So, the quick solution: Allow Facebook to hit it, but only via their external meta data scraper.

A quick edit (well, not so quick, it was something obscure.) of my .htaccess rules, and voila! Facebook can debug and people still can’t hit it (easily)

SetEnvIf User-Agent ^facebookexternalhit.*$ Facebook=1

AuthType Basic
AuthName "Art & Science DEV Server"
AuthUserFile /home/dclarke/www/dev/.htpasswd
Require valid-user

order allow,deny
Allow from env=Facebook
Satisfy Any

First, set an environment variable based on if it is the Facebook user agent. Then, allow access. The key here is the ‘satisfy any’ line, which means you can get in if you have a user and password, or that environment flag is set. The downside is now you all know you can just set your user agent to Facebook and get access to my dev sites. 😉

Tags: , ,
Posted in Coding

I Dislike Like Gates So Much…

Thursday, October 6th, 2011

I dislike a “like gate” so much, I’ve conditioned myself to do battle against them. Here’s what I do:

  • Like the page.
  • Go to my profile, remove the announcement that “Darryl Likes [insert like-gate here]”
  • Do what I need to on the page.
  • Unlike the page.

What is a “Like-Gate”?

A like-gate is effectively a gate on Facebook pages that force you to “like” them before you can see the page contents.  Fortunately a like-gate is stuck to only a tab on a page, so you can typically view the wall, photos, and other media without having to like the page.  And, in recent changes, you can now write on the wall and interact with other posts without having to like the page at all, ever.

Like-gates are typically stuck in front of “premium” (aka mostly useless) extra content and contests.

Why I Dislike Them?

It’s pretty simple.  When you use a like-gate, you certainly benefit from the influx of people who are forced to like you.  But it’s just that, they’re forced.  You have absolutely no metric as to how many people genuinely like your product/page.  You only have an inflated number of people that “don’t give a shit” and really, that can’t be good.

I for one would rather have 100 fans that really like me than 10,000 that don’t give a shit.  But hey, I’m crazy.

Tags: , , , , ,
Posted in Randomness, Socially Inept

Facebook Timeline isn’t “New” #f8

Thursday, September 22nd, 2011

This timeline feature isn’t the first timeline that Facebook will have attempted to use. Once upon a time, at least 4 years ago, when you joined Facebook and added friends it always asked “How do you know this person?” and “When did you meet?”

Those questions as well as many other little things within Facebook lead to a social timeline that was tucked away in it’s depths. It filled gaps in time in with witty things like “Darryl was underground this year.” and “Darryl wasn’t very active.”

Now they’ve just got more data to make the timeline more interesting. I suspect that this old data will resurface in some way. I’ll be interested in seeing how else they fill in holes this time. It will be interesting to see the mass reaction to it. It will be interesting to see how much I can control.

It will also be interesting to see how many times my statuses show up as “looking for a hottie.”

Tags: , , , , , , ,
Posted in Randomness, Socially Inept

Facebook, Twitter, Google+ And The Future…

Friday, July 22nd, 2011

There’s a few things that have been swirling around inside my cavernous mind since the initial launch of Google+ which all relates to the future of social networks.

I’ve already noticed a fracture forming in the camps of Facebook, Twitter and Google+ users.  I’ve already seen the behaviour of cross posting to each and even selective posting on one or the other. In fact, I’m guilty (if it’s a crime) of doing such a thing.  And it’s happening purely based on how people behave on each network.

About a month ago I disconnected my Twitter account from auto-posting to my Facebook account.  Why? It’s simple, I got sick of the way Facebook treated my own and everybody else’s Twitter posts.  I got sick of seeing “XX More posts from Twitter.” — A link that nobody ever clicks.  All of my friends who use Twitter to post to Facebook would get bunched into one clump. And in most cases, unless you were the one single tweet (last one in) to be on top, you were likely to just get lost in the ether.   Ever since I disabled the connection and started updating my status directly on Facebook I’ve seen a much greater response to the inane things I say.

Facebook hates Twitter, that’s why they did this.  It wasn’t always this way. Once upon a time Twitter updated your status directly and as such it never got grouped.  Which brings me to my next point.

(more…)

Tags: , , , , , , ,
Posted in Socially Inept

Social Plugins and the 80/20.

Sunday, May 23rd, 2010

I apologize for this off-topic rant, but it’s been sitting on my mind for a little while…

The best part of using all these social plugins on a site as small as mine is how pathetic it makes the site look.  I try not to pollute everything with ‘like this’, ‘share that’, ‘spam your friends!’ and because of my simplistic approach, I never really benefit from any of these things.

But then again, I hardly see any interaction from my own friends with these little plugins on any site, not just mine.  So I’m pretty sure 80 percent don’t know what they do.  Then again, it’s probably more like 90/10.  80/20 is such a stupid generalization.  90 percent don’t know.  of the 10 percent that do, 90 percent don’t care, leaving the one percent that’ll actually use it.  Go team.

It seems to me as though all the things that “get popular” with these social plugins are ones that do something stupid (like an ascii smiley face, or “like this page to see these pictures!”) and basically, they force users to send it viral, even though it’s of no use to anybody and it’s not even good.  90% of the people have to be forced.  10% know better.

I’m going to force myself to change my approach a bit and see if these pressure tactics work for the better.  I mean, I hate treating people like sheep, but if you’re going to act like sheep and only go where you’re herded to, what else is a guy supposed to do?

Here comes the dirty stuff!

Oh, and don’t forget to show some love by hitting the ol’ [recommend] button! It’s over there —->

Tags: , , , , , , ,
Posted in Socially Inept