Sharing on Facebook from public kiosk -- user can't logout from FB!

Question

I have a website that is designed to be run at a kiosk at public events. I want users to be able to share a page from this site on Facebook without leaving their Facebook session logged in. This is not a Facebook Connect site (there's no login to synchronize w/FB), all I have is a link for sharing that goes to Facebook's sharer.php:

<a href="http://www.facebook.com/sharer.php?u="http://mysite.com/mypage" target="_blank">share this</a>

It allows the user to log in and posts the link fine, but then closes the window and leaves the user logged in. There is no option for logging out, so the next user that comes along and wants to share has the previous user's FB account logged in!

Seems like this just changed when Facebook's UI changed recently; previously it would redirect to the user's profile page after posting, from which they could log out.

How can I fix this? Any recommendations on the "right way" to allow sharing with FB from a public kiosk?

EDIT: I have entered an enhancement request on bugs.developers.facebook.com (http://bugs.developers.facebook.com/show_bug.cgi?id=9903) to have sharer.php auto-logout the user if a login was required. Please vote for it to get some attention from FB!

My current solution is to force a logout from facebook in the window.onbeforeunload event using a hidden iframe (code below). My site is currenly only intended for the public kiosk, so this is acceptable. For sites intended for public and private use at home, this is probably too brute force and will annoy users.

window.onbeforeunload = function() {
  if (do_fb_logout) {
    iframe = document.createElement("iframe");
    iframe.setAttribute('width', '0px');
    iframe.setAttribute('height', '0px');
    iframe.setAttribute('frameborder', '0');
    document.body.appendChild(iframe);    
    doc = iframe.contentDocument;
    if (doc == undefined || doc == null)
      doc = iframe.contentWindow.document;
    doc.open();
    doc.write("<html><head></head><body>");
    doc.write("<form id=fbForm name=fbForm method=POST action=http://www.facebook.com/logout.php >");
    doc.write("<input type=hidden name=confirm value=1 /></form>");
    doc.write("<script type='text/javascript'>document.getElementById('fbForm').submit();</"+"script>");
    doc.write("</body></html>");
    doc.close();
  }
}

I have tested this so far on Windows browsers FF 3.6, IE 7, and Chrome.

Answer 1

One idea that comes to mind is to give the link a target='_blank' and at the same time redirecting the "mother" page to the Facebook main page using JavaScript. That way, when the window closes, the user will at least have Facebook in front of them.

However, that page will show a "not logged in" status because it was called before the user logged in. Can't think of a way around that except for some ugly frameset frequently refreshing the facebook page - uggh.

Another way that comes to mind is opening the sharer link using a JavaScript mywindow = window.open("http://www.facebook.com/......") and then frequently polling whether mywindow still exists. If it does not (= the window was closed), redirect to the Facebook main page which will show the user's profile and a logout button. Still, also uggh because it's complicated and shaky. Hmmm.

Definitely report this as a bug to Facebook, you're probably not the only one experiencing it.