What do I do if I get a "you may be a victim of cross-site request forgery" message?

If after installing and configuring the Facebook login button, when you click on the login button you get this message:

 



 

or this message:

 

"You may have not allowed the email address to be used or the token is not valid. You may be a victim of cross-site request forgery or the method of connecting to the Facebook URL with HTTPS is not allowed. Please contact the merchant to warn him."

 

then you have to check the URLs indicated in the configuration of your Facebook application, both the callback URL in the "Facebook Login -> Settings" tab, and the URLs indicated in the "Settings -> "Basic" tab:

Other FAQs in this category