1

I'm running a meteor app, which I just deployed to production with Meteor up. Now I have a mismatch when I try to login using a Oauth service between example.com and www.example.com. In my fb-app I use the www address. So if I go to example.com and try to login, I get an error in console about same-origin-policy.

I'm using the browserpolicy package for Meteor. In which I added both non-www and www inside BrowserPolicy.content.allowOriginForAll(origin);

What's the correct fix for this? Can I somehow add 2 url's to my fb-app or should I use a wildcard? Should I redirect all traffic to www.example.com? Or is there a different/more correct solution for this?

flowen
  • 536
  • 4
  • 23
  • Maybe this helps? http://stackoverflow.com/questions/12296180/facebook-login-with-multiple-domains – Sergio Tapia Jul 19 '15 at 08:29
  • You should fix this by redirecting all requests for example.com to www.example.com. This is important anyway for Search Engine Optimisation, otherwise you will have duplicated content. If you have an http server like Apache or Nginx, do it there, otherwise I expect Iron Router does redirects. – mwarren Jul 19 '15 at 09:11
  • I have a followup question here: http://stackoverflow.com/questions/31474072/meteor-app-with-apache-as-proxy-is-probably-redirecting-all-pages which I describe my problems redirecting correctly. – flowen Jul 19 '15 at 11:07

0 Answers0