I noticed a site that offers a free secure adaptor for page tab apps.
Looking at the source code, I saw that the adaptor was basically an iframe running my old insecure url inside a html file hosted on a secure server.
Is such a solution going to last for Facebook?
From what I read about SSL, this doesn’t seem entirely legit and I wouldn’t want to start using such a service and then discover that in a month or two Facebook will block these practices or that this sort of “secure” page will generate all sort of browser warnings
I don’t really deal with Facebook data (except for signed_request and app_data), my app requires no permissions and no data from the user, so I won’t need to interact with Facebook in my secure version, other than asking for the signed_request and possibly app data
Wouldn’t you still have a mixed content warning if the initial content is loaded over HTTPS and your original page is loaded over HTTP in an iframe?
Unless I’m missing something here, this solution is only going to solve the ‘Facebook says i need a secure URL’ problem, not ‘Facebook says i need a secure URL so people can access my app over HTTPS without problems’