I’ve got an iframe loading in a facebook tab on a fan page and I’m not having any luck accessing the $_REQUEST[“signed_request”] object. I’m confused because this is supposed to be a freebie and easily accessible. I’ve read and re-read the facebook docs and rechecked my facebook application settings but nothing is working.
isset($_REQUEST['signed_request']
is always false. Since I’m using the Facebook PHP sdk I’ve also tried
$facebook->getSignedRequest();
I’ve done print_r on the $_REQUEST and I don’t see the signed_request in there. When I print_f the $facebook object, I see that the signedRequest is empty
[appId:protected] => XXX
[apiSecret:protected] => XXXXXXXXXXXXXXXXXXXX
[session:protected] => Array
[access_token] => XXXXXXXXXX|2.h75WqKxcA1xbNPufFvpKQQ__.3600.1304452800.1-726960374|JiO0ZS30SyLaApeqhMtdocK8B_Y
[base_domain] => XXXXXXXXX
[expires] => 1304452800
[secret] => rDF9C_z43_EUFy0Q_e6tyQ__
[session_key] => 2.h75WqKxcA1xbNPufFvpKQQ__.3600.1304452800.1-726960374
[sig] => 1971ef7eb8057c7404eae1f82d770ab5
[uid] => XXXXXXXXXXXXXXX
[signedRequest:protected] =>
[sessionLoaded:protected] => 1
[cookieSupport:protected] => 1
[baseDomain:protected] =>
[fileUploadSupport:protected] =>
[EDIT]
I do have the OAuth 2.0 setting enabled for the application.
After some investigation, I suspect this has something to do with where the iframe source is hosted.
When I moved everything to localhost, the signed_request started coming in fine.