How does Facebook subscribe work under the hood?

I am using the new JavaScript SDK and I am developing locally (i.e. not on a hosted server).

I was successfully able to get the access token that the js api stores in a cookie for the localhost domain. However, I do not understand:

  • How can fb js set a cookie for localhost? Is this not contrary to the same-origin policy?
  • If fb uses the OAuth 2.0 protocol for authentication / authorization, the only way it can get an access token is even if I didn’t provide a callback URL and there is no redirect from my main page.

Can someone demystify what is happening here under the hood?

1 answer

FB JS can set cookies on localhost because you include the FB JS SDK in your domain with the <script> tag, giving them access to your cookies (just like Google Analytics records cookies for your domain).

OAuth 2.0 includes a redirect to your site; for Facebook there is no other way to return the code for your application in order to get the access_token.

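The cookie behaviour described in the answer, as an added example that is not part of the original post or of Facebook's SDK: a simplified Node.js model of how a browser scopes `document.cookie` to the including page's host rather than to the host the script was fetched from. `makeDocument`, `thirdPartySdk`, the host `sdk.example` and all cookie names and values are constructed for illustration.

```javascript
// Simplified model of browser cookie scoping (an assumption-laden sketch:
// real browsers also apply Path, Secure, SameSite and public-suffix rules).
function makeDocument(pageUrl, serverCookies = []) {
  const host = new URL(pageUrl).hostname;      // cookies belong to the PAGE's host
  const jar = serverCookies.map(c => ({ ...c }));
  return {
    host,
    get cookie() {
      // Any script running in the page sees every cookie that is not HttpOnly.
      return jar.filter(c => !c.httpOnly)
                .map(c => `${c.name}=${c.value}`).join('; ');
    },
    set cookie(str) {
      const [pair, ...attrs] = str.split(';').map(s => s.trim());
      const eq = pair.indexOf('=');
      if (eq < 1) return;
      const name = pair.slice(0, eq), value = pair.slice(eq + 1);
      const dom = attrs.map(a => a.split('='))
                       .find(([k]) => k.toLowerCase() === 'domain');
      if (dom) {
        const d = (dom[1] || '').replace(/^\./, '').toLowerCase();
        // A Domain attribute must be the page host or a parent of it.
        if (host !== d && !host.endsWith('.' + d)) return;   // silently dropped
      }
      const old = jar.find(c => c.name === name);
      if (old && old.httpOnly) return;         // scripts cannot replace HttpOnly cookies
      if (old) old.value = value;
      else jar.push({ name, value, httpOnly: false });
    },
  };
}

// Hypothetical stand-in for SDK code fetched from another host via <script src=...>.
// Where it was downloaded from plays no part: it runs with the page's document.
function thirdPartySdk(document) {
  document.cookie = 'sdk_token=abc123';                    // stored for the page host
  document.cookie = 'sdk_other=x; Domain=sdk.example';     // foreign domain: rejected
  return document.cookie;                                  // what the script can read
}

function demo() {
  const doc = makeDocument('http://localhost:8080/index.html', [
    { name: 'session', value: 's3cr3t', httpOnly: true },  // constructed sample cookies
    { name: 'theme', value: 'dark', httpOnly: false },
  ]);
  return { host: doc.host, seen: thirdPartySdk(doc) };
}
```

The included script reads and writes `theme` and `sdk_token` on `localhost`, while the `HttpOnly` session cookie stays out of its reach; that flag is the control to set on any cookie a page-embedded script should not see.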
