facebook is having trouble caching icons served by elgg 2.3
By ura soul
i have code on my site that adds metatags to relevant pages so that when the page is shared on facebook etc. - the correct image is scraped and used in the shared object when it is displayed on facebook. i notice that since elgg's icon handling has changed, facebook usually fails to get the right icon and i think this is possibly due to HMAC mismatch. is it possible to serve an icon in elgg that has no session data / codes / ids attached to it in any way? so that the url will always be reliable to be used by many users and thus is also suitable for distribution to social networks?
Elgg Technical Support
Get support from other Elgg users
i am using blog_tools, but it uses the new elgg icon system, so the situation should be the same for any plugin that uses it. i'm not sure i understand what you are saying about access and entities. why would the icon's access level be different from the entity it is associated to?
oh, ok - so this appears to be caused by something else entirely. i now see that profile images work fine in facebook.. and when i examine the error generated by facebook when i share an image via blog tools - the error complains that the image is too large (larger than 8mb), except the image is actually about 60k!
i found this thread on the issue of the 8MB error: http://stackoverflow.com/questions/36608780/ogimage-could-not-be-downloaded-because-it-exceeded-the-maximum-allowed-sized-o
it says this is a bug with facebook's code.. the solution is to add metadata for the icon's height and width.. but i have now done that and it still doesn't work. although the 8MB error is gone.
Consider a scenario: user uploads an image with public access, you generate a URL without session cookie, someone else copies the URL and starts sharing it online, original user changes access of the file to friends only, the URL is still valid and people still can see image content after its access has been changed.
right ok, i see - but this should not effect facebook's ability to scrape the icon, since facebook's session will be valid while it does the scrape. so it looks like the problem here is not necessary an authorisation one.
The session is embedded within the URL. When you generate your og tags they are bound to one session, when FB requests the page it's a different session
yes, i understand that. i am saying that since fb scrapes and caches the icon with a session that is valid for fb itself, there should not be an authorisation problem provided that the entity is public.
As long as everything is done within a single request. In general I'd say it's not a good idea to use session bound URLs for og tags.
i just tried to use elgg_get_inline_url for the blog icon path:
however, the resulting url looks to be just the same as it was originally - e.g. it has this format:
oh, correction, it is working now!
- Previous
- 1
- 2
- 3
- Next
You must log in to post replies.