Auth redirects in a canvas app

[jmagnuss]

When using the sample authentication code in a Fb canvas app, doing res.redirect(authUrl) results in this:

Refused to display 'https://www.facebook.com/dialog/oauth?...' in a frame because it set 'X-Frame-Options' to 'DENY'. about:blank:1

In various posts it looks like we need to redirect the browser top to the oauth, we can't do it within an iframe loaded from Facebook.

Has anyone else run into this?

[jmagnuss]

So far, this works: res.send('');

[allannaranjo]

You have to:

top.location.href = "/auth/facebook";