Facebook Strict Mode Breaks Passport Facebook Authentication.

[divyanshu-rawat]

Since March, Facebook requires Strict Mode, and since the "Valid OAuth redirect URIs" field does not allow for dynamically generated data, dynamic data should be passed with a state parameter (according to the facebook docs). As it stands now, facebook login in my application is failing completely due to these restrictions:

"Can't Load URL: The domain of this URL isn't included in the App's domains. To be able to load this URL, add all domains and subdomains of your app to the App Domains field in your app settings."

The strange thing is that the documentation (https://developers.facebook.com/docs/facebook-login/security#strict_mode) states the following:

"For apps using only the Facebook SDK, redirect traffic is already protected. No further action is needed."

For More information - https://developers.facebook.com/blog/post/2017/12/18/strict-uri-matching/

Passport is not working anymore to authenticate via Facebook before March my app was working fine. Kindly, let me know the workaround for this to make my app functional again.

[dava-ua]

I have the same problem. Any workaround for that?

[AizenSousuke]

Something broke again in 2021. http localhost backend doesn't work and produces the same error above.