What?

In early 2011 Facebook started to send all iframe application requests as POST. Because of this most REST based applications broke. This Rack::Facebook::MethodFix middleware looks for incoming POST requests. If the request contains signed_request parameter it converts request to GET as originally intended. Optionally if you give Facebook application secret_id in middleware settings it will also validate the contents of signed_request parameter.

Install

gem install rack-facebook-method-fix

Usage

require "rack-facebook-method-fix"
use Rack::Facebook::MethodFix

or

require "rack-facebook-method-fix"
use Rack::Facebook::MethodFix, :secret_id => "c561df165eacdd6e32672c9eaee10318"

You can exclude requests from being processed by adding an exclude option:

use Rack::Facebook::MethodFix, :exclude => proc { |env| env['PATH_INFO'].match(/^\/admin/) }

This would make sure that no path in the /admin namespace would change from a POST to a GET regardless of the signed_request param.

Contributing to Rack::Facebook::MethodFix

Copyright © 2011 Mika Tuupola. See LICENSE for further details.