Rack middleware which parses and verifies the signed_request canvas parameter and FB JS cookie.
See Facebook's Canvas Documentation for more details.
You must specify the following options to enable the middleware:
app_idsecret
You can also activate the following options:
inject_facebook(default: false): This will automatically inject the asynchronous FB JS SDK include into the response body.
Assuming you've enabled the Facebook script injection, you can customize these options:
cookie(default: true): Configure the FB JS SDK with cookie supportstatus(default: true)lang(default: 'en_US')xfbml(default: true)
Note that this will also add the FB XML namespace attribute into the root html element of the response.
The Rack middleware will also convert any POST requests containing the signed_request parameter to GET.