I thought this would be simple, but I can’t figure it out or find any relevant search results.
I have a Page Tab on my Facebook Page that loads a page from my server in an iframe. I want the page to only be served if Facebook is requesting it.
I’ve heard of looking at the User Agent, but that doesn’t work. With PHP at least… I think.
If I have to I’ll resort to redirecting with JavaScript, but that’s just sloppy.
Ideally it would look something like this:
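<?php
...
// $is_facebook: true only when the request is known to come from Facebook
if ( ! $is_facebook )
{
    header("HTTP/1.1 404 Not Found");
    exit; // stop here so the page body is not served after the 404 header
}
?>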
You could just check the signed_request parameter as described at http://developers.facebook.com/docs/authentication/signed_request/ . If you don’t need much security just checking for its presence should be enough. If you need more certainty you can decode it to verify it really came from Facebook.
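The decode-and-verify option from the answer above, as an added example (not code from the answer or from Facebook): it checks the HMAC-SHA256 signature of signed_request against your app secret before trusting the payload. The function names and the FB_APP_SECRET placeholder are assumptions made for this sketch.

```php
<?php
// Added example. FB_APP_SECRET is a placeholder; use your own app's secret.
const FB_APP_SECRET = 'replace-with-your-app-secret';

// Decode base64url (URL-safe alphabet, padding stripped). Returns false on bad input.
function base64url_decode_strict(string $s)
{
    $s = strtr($s, '-_', '+/');
    $s = str_pad($s, strlen($s) + (4 - strlen($s) % 4) % 4, '=');
    return base64_decode($s, true);
}

// Returns the decoded payload array if the signature is valid, otherwise null.
// signed_request has the form "<base64url signature>.<base64url JSON payload>".
function verify_signed_request($signed_request, string $secret): ?array
{
    if (!is_string($signed_request) || substr_count($signed_request, '.') !== 1) {
        return null;
    }
    [$enc_sig, $enc_payload] = explode('.', $signed_request, 2);

    $sig = base64url_decode_strict($enc_sig);
    if ($sig === false) {
        return null;
    }

    // The signature covers the still-encoded payload string, so verify it
    // before parsing anything the client sent. hash_equals is constant-time.
    $expected = hash_hmac('sha256', $enc_payload, $secret, true);
    if (!hash_equals($expected, $sig)) {
        return null;
    }

    $json = base64url_decode_strict($enc_payload);
    $data = ($json === false) ? null : json_decode($json, true);
    $alg  = is_array($data) ? ($data['algorithm'] ?? null) : null;
    if (!is_string($alg) || strtoupper($alg) !== 'HMAC-SHA256') {
        return null;
    }
    return $data;
}

// $_REQUEST is used so the check works however the parameter arrives.
$data = verify_signed_request($_REQUEST['signed_request'] ?? null, FB_APP_SECRET);
if ($data === null) {
    header('HTTP/1.1 404 Not Found');
    exit;
}
// From here on the request carried a signed_request signed with the app secret.
```

A captured signed_request stays valid when replayed, so also compare the payload's issued_at timestamp against the current time if that matters for your page.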