When setting up a Facebook application one of the basic setting is "Secure Canvas URL", it is used to get the content for users using https. (HTTPS will be required by October 1) It seems Facebook sends a post request to the url set in the "Secure Canvas URL".
If this url is set to a file uploaded in EPiServer file manager (eg a static html file) the facebook application will not be able to access the url and show the 404 error page of the EPiServer site.
I have been exploring the StaticFileHandler code using ILSpy and found what I believe is the problem.
The method BeginProcessRequest seems only to process GET and HEAD requests and if HttpRuntime.UsingIntegratedPipeline is true a 404 will be served.
The workaround for the moment is for the editor to upload the content he/she wishes to include in the facebook app using the file manager. Then the editor has to create a page in episerver and set the shortcut for the page to "Link to page on another website" and point to the uploaded document.
Is there another solution to this to minimize the effort required by the editor?