In October, Facebook will start requiring that all apps and websites using Facebook Login to use HTTPS. In preparation for that, Facebook has added a new “Enforce HTTPS” setting for its Facebook Login.
To make apps and website using Facebook Login more secure, Facebook will soon be requiring that all apps and website using the feature are switched to HTTPS. The deadline is October 6, 2018 – that’s when HTTP will be automatically enabled for all apps and websites – but up until then, developers can instead enable the “Enforce HTTPS” setting on their Facebook Login Dashboard. When enabled, “it requires all Facebook Login redirects” and “all Facebook JavaScript SDK calls that return or require an access token” to use HTTPS.
Using HTTPS protects the information which is transmitted and helps protect users’ security. Facebook has required that all new apps created since March 2018 use HTTPS, but older apps and websites will have until October 6, 2018, to opt in. After that, it will be automatically enabled. Essentially, the option gives developers some time to switch and test all their systems.
Facebook Software Engineer Brad Hill notes that “you may have received a developer alert telling you that we’ve already enabled this setting for your app — if you don’t currently use Web OAuth flows, already use only HTTPS URIs, or if all your redirect domains send or preload HTTP Strict Transport Security instructions.”
Furthermore, Facebook strongly recommends that developers update pages to work over HTTPS and turn on the “Enforce HTTPS” setting as soon as possible. Developers can also still be able to use HTTP with “localhost” addresses, but only while their app is still in development mode. Finally, social plugins and other features of Facebook’s JavaScript SDK use HTTPS iframes and therefore don’t pass sensitive information back to their embedding pages. Those can continue to use HTTP.
You might also like
More from Facebook
Meta Is Killing Its Messenger For Apple Watch App
Meta announced it will remove the Messenger for Apple Watch app on May 31 “After May 31st, Messenger won’t be available …
Facebook And Instagram Start Selling Blue Checks With Meta Verified
Meta Verified will give you a blue check badge on both Facebook and Instagram, along with other benefits for $12 …
Meta Brings Back #BuyBlack Friday For A Third Year
Meta is bringing back #BuyBlack Friday for a third consecutive year in North America. Meta emphasized the importance of the Holiday …
Facebook Is Giving You More Controls Over What You See On Your Feed
Facebook is introducing new "show more" and "show less" controls to let you adjust what you want to see on …
Meta Introduces Facebook Reels API, Offering An Option To ‘Share To Reels’
Meta has introduced the Facebook Reels API, a solution allowing developers to build a 'share to reels' option into their …
Facebook Gets Into Delivery With DoorDash Partnership
DoorDash is partnering with Meta to pilot Facebook Marketplace deliveries across multiple cities in the U.S. Drivers will only transport items …
Meta Rolls Out Horizon Worlds In France And Spain
Meta Horizon Worlds, the VR community and game, is now available in France and Spain.
Meta Refreshes Facebook Groups With New Features
Facebook Groups now have an updated invitation system to reduce admin workloads and limit sharing of misinformation.
Meta Offers Digital Security Course For Journalists And Human Rights Defenders
The Meta Journalism Project and the ICFJ have put together a self-paced 90-minute course and webinars to provide online safety …
