How to use App Access Token to update Open Graph Tags











up vote
0
down vote

favorite












I want to dynamically update Open Graphs Tags on my website, but don't know how to do it properly.



I have understood you're not supposed to use the access token in a client side script, but how do I go about and update it otherwise.



I have seen examples online that does not use an access token, but I get an authorization error then.



Can I make any settings on facebook developer to skip access token or how can I make a call from my javascript, without showing the access token or app secret?




This is the part of my script which runs after modifying the meta:og tags:



//Update Open Graph

$.post(

'https://graph.facebook.com',

{

    access_token: '123',

    id: strCurrentUrl,

    scrape: true

},

function(response){

    console.log(response);

}


From Facebook:




for security, app access token should never be hard-coded into
client-side code, doing so would give everyone who loaded your webpage
or decompiled your app full access to your app secret, and therefore
the ability to modify your app. This implies that most of the time,
you will be using app access tokens only in server to server calls.







javascript jquery facebook-graph-api







share|improve this question


















  • 1




    you should not update them anyway, after a while they even get locked. open graph tags should not change at all in general.
    – luschn
    Nov 7 at 22:10










  • what is best practice then for sharing content that is loaded after page load, and therefore cannot be in the meta tags from page load?
    – Petter
    Nov 8 at 9:09










  • you HAVE to provide them in the initial html, without javascript. it is always possible, just do stuff server side instead.
    – luschn
    Nov 8 at 9:21










  • how can I load them in the initial html when the content is loaded after the page load?
    – Petter
    Nov 8 at 9:31










  • what´s the content? you need to be more specific. what exactly are you doing right now?
    – luschn
    Nov 8 at 11:18















up vote
0
down vote

favorite












I want to dynamically update Open Graphs Tags on my website, but don't know how to do it properly.



I have understood you're not supposed to use the access token in a client side script, but how do I go about and update it otherwise.



I have seen examples online that does not use an access token, but I get an authorization error then.



Can I make any settings on facebook developer to skip access token or how can I make a call from my javascript, without showing the access token or app secret?




This is the part of my script which runs after modifying the meta:og tags:



//Update Open Graph

$.post(

'https://graph.facebook.com',

{

    access_token: '123',

    id: strCurrentUrl,

    scrape: true

},

function(response){

    console.log(response);

}


From Facebook:




for security, app access token should never be hard-coded into
client-side code, doing so would give everyone who loaded your webpage
or decompiled your app full access to your app secret, and therefore
the ability to modify your app. This implies that most of the time,
you will be using app access tokens only in server to server calls.







javascript jquery facebook-graph-api







share|improve this question


















  • 1




    you should not update them anyway, after a while they even get locked. open graph tags should not change at all in general.
    – luschn
    Nov 7 at 22:10










  • what is best practice then for sharing content that is loaded after page load, and therefore cannot be in the meta tags from page load?
    – Petter
    Nov 8 at 9:09










  • you HAVE to provide them in the initial html, without javascript. it is always possible, just do stuff server side instead.
    – luschn
    Nov 8 at 9:21










  • how can I load them in the initial html when the content is loaded after the page load?
    – Petter
    Nov 8 at 9:31










  • what´s the content? you need to be more specific. what exactly are you doing right now?
    – luschn
    Nov 8 at 11:18













up vote
0
down vote

favorite









up vote
0
down vote

favorite











I want to dynamically update Open Graphs Tags on my website, but don't know how to do it properly.



I have understood you're not supposed to use the access token in a client side script, but how do I go about and update it otherwise.



I have seen examples online that does not use an access token, but I get an authorization error then.



Can I make any settings on facebook developer to skip access token or how can I make a call from my javascript, without showing the access token or app secret?




This is the part of my script which runs after modifying the meta:og tags:



//Update Open Graph

$.post(

'https://graph.facebook.com',

{

    access_token: '123',

    id: strCurrentUrl,

    scrape: true

},

function(response){

    console.log(response);

}


From Facebook:




for security, app access token should never be hard-coded into
client-side code, doing so would give everyone who loaded your webpage
or decompiled your app full access to your app secret, and therefore
the ability to modify your app. This implies that most of the time,
you will be using app access tokens only in server to server calls.







javascript jquery facebook-graph-api







share|improve this question













I want to dynamically update Open Graphs Tags on my website, but don't know how to do it properly.



I have understood you're not supposed to use the access token in a client side script, but how do I go about and update it otherwise.



I have seen examples online that does not use an access token, but I get an authorization error then.



Can I make any settings on facebook developer to skip access token or how can I make a call from my javascript, without showing the access token or app secret?




This is the part of my script which runs after modifying the meta:og tags:



//Update Open Graph

$.post(

'https://graph.facebook.com',

{

    access_token: '123',

    id: strCurrentUrl,

    scrape: true

},

function(response){

    console.log(response);

}


From Facebook:




for security, app access token should never be hard-coded into
client-side code, doing so would give everyone who loaded your webpage
or decompiled your app full access to your app secret, and therefore
the ability to modify your app. This implies that most of the time,
you will be using app access tokens only in server to server calls.







javascript jquery facebook-graph-api




javascript jquery facebook-graph-api






share|improve this question













share|improve this question











share|improve this question




share|improve this question










asked Nov 7 at 20:47









Petter

81




81








  • 1




    you should not update them anyway, after a while they even get locked. open graph tags should not change at all in general.
    – luschn
    Nov 7 at 22:10










  • what is best practice then for sharing content that is loaded after page load, and therefore cannot be in the meta tags from page load?
    – Petter
    Nov 8 at 9:09










  • you HAVE to provide them in the initial html, without javascript. it is always possible, just do stuff server side instead.
    – luschn
    Nov 8 at 9:21










  • how can I load them in the initial html when the content is loaded after the page load?
    – Petter
    Nov 8 at 9:31










  • what´s the content? you need to be more specific. what exactly are you doing right now?
    – luschn
    Nov 8 at 11:18














  • 1




    you should not update them anyway, after a while they even get locked. open graph tags should not change at all in general.
    – luschn
    Nov 7 at 22:10










  • what is best practice then for sharing content that is loaded after page load, and therefore cannot be in the meta tags from page load?
    – Petter
    Nov 8 at 9:09










  • you HAVE to provide them in the initial html, without javascript. it is always possible, just do stuff server side instead.
    – luschn
    Nov 8 at 9:21










  • how can I load them in the initial html when the content is loaded after the page load?
    – Petter
    Nov 8 at 9:31










  • what´s the content? you need to be more specific. what exactly are you doing right now?
    – luschn
    Nov 8 at 11:18








1




1




you should not update them anyway, after a while they even get locked. open graph tags should not change at all in general.
– luschn
Nov 7 at 22:10




you should not update them anyway, after a while they even get locked. open graph tags should not change at all in general.
– luschn
Nov 7 at 22:10












what is best practice then for sharing content that is loaded after page load, and therefore cannot be in the meta tags from page load?
– Petter
Nov 8 at 9:09




what is best practice then for sharing content that is loaded after page load, and therefore cannot be in the meta tags from page load?
– Petter
Nov 8 at 9:09












you HAVE to provide them in the initial html, without javascript. it is always possible, just do stuff server side instead.
– luschn
Nov 8 at 9:21




you HAVE to provide them in the initial html, without javascript. it is always possible, just do stuff server side instead.
– luschn
Nov 8 at 9:21












how can I load them in the initial html when the content is loaded after the page load?
– Petter
Nov 8 at 9:31




how can I load them in the initial html when the content is loaded after the page load?
– Petter
Nov 8 at 9:31












what´s the content? you need to be more specific. what exactly are you doing right now?
– luschn
Nov 8 at 11:18




what´s the content? you need to be more specific. what exactly are you doing right now?
– luschn
Nov 8 at 11:18

















active

oldest

votes











Your Answer






StackExchange.ifUsing("editor", function () {
StackExchange.using("externalEditor", function () {
StackExchange.using("snippets", function () {
StackExchange.snippets.init();
});
});
}, "code-snippets");

StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "1"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});














 

draft saved


draft discarded


















StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53197567%2fhow-to-use-app-access-token-to-update-open-graph-tags%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown






























active

oldest

votes













active

oldest

votes









active

oldest

votes






active

oldest

votes
















 

draft saved


draft discarded



















































 


draft saved


draft discarded














StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53197567%2fhow-to-use-app-access-token-to-update-open-graph-tags%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







-

這個網誌中的熱門文章

Xamarin.form Move up view when keyboard appear

圖片
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ height:90px;width:728px;box-sizing:border-box; } 0 I'm trying to build a Chat app UI, the idea of the Layout was pretty simple: When the input bar is focused, keyboard show up and "push" up the chat bar, as it's a grid, the ListView will resize to fit the screen: I update the input bar's margin to "push" it up: NSValue result = (NSValue)args.Notification.UserInfo.ObjectForKey(new NSString(UIKeyboard.FrameEndUserInfoKey)); CGSize keyboardSize = result.RectangleFValue.Size; if (Element != null){ Element.Margin = new Thickness(0, 0, 0,keyboardSize.Height); //push the entry up to keyboard height when keyboard is activated } And this is ...
閱讀完整內容

Post-Redirect-Get with Spring WebFlux and Thymeleaf

圖片
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ height:90px;width:728px;box-sizing:border-box; } 2 Can someone explain to me how to implement the post-redirect-get pattern in Spring WebFlux and Thymeleaf? What subscribes on the database save method? @GetMapping("/register") public String showRegisterForm(Model model) { model.addAttribute("user", new User()); return "register"; } @PostMapping public String processRegisterForm(@Valid User user, BindingResult bindingResult) { if (bindingResult.hasErrors()) { return "register"; } else { userRepository.save(user); //what subscribes on this? //how to redirect on e.g. "/login"? ...
閱讀完整內容

Anylogic : not able to use stopDelay()

圖片
-2 I am building a railway station model. I want a train to depart when I click a button. I want to call stopDelay() for that but I am not sure how to do that and from which place. anylogic share | improve this question asked Nov 23 '18 at 10:12 Anupam Singh Anupam Singh 1 Hi Anupam, welcome to SOF. Please check how to ask good questions, see link below. Your question is...
閱讀完整內容