Problems With Facebook's SSL Secure Browsing?

Are you getting messages telling you to switch to a regular http connection? Are you having trouble seeing third-party applications on Facebook? Click through to learn why and how to fix it.

If you’re like us, you’ve been getting this pesky message while browsing Facebook: “Switch to regular connection (http)? Sorry! We can’t display this content while you’re viewing Facebook over a secure connection (https). Would you like to temporarily switch to a regular connection (http) to use this app? You will have a secure connection upon your next login.”

If you’ve seen that message, you probably also discovered that clicking “continue” or “cancel” gets you nowhere and doesn’t fix the problem. You probably also noticed that you lost the ability to view third-party applications.

That message is basically saying that you cannot view Facebook applications using a secure connection (https) and that you have to switch to an unsecure connection (http) to view them — not great news given how the social network added an option in January to run all sessions with https in order to protect people from prying on open networks.

Many Facebook developers noticed that there were serious weaknesses in the implementation. One explanation theorized by Rants, Raves, and Rhetoric v4:

…the reason why is not protected is because the https protocol does not allow for two parties on to provide items in some elements on the same page even if both are secure. This is because one party cannot ensure another is not doing something illegitimate.

After searching for a solution by copying and pasting the error message into Google, we found no answer to our dilemma, only articles discussing the message and speculating about why it was occurring. However, when we searched the Facebook developer’s blog, we found the solution! Disclaimer: Keep in mind this solution will make your Facebook account less secure and it seems it does not resolve the problem for certain games.

Go to account settings in the upper-right-hand corner of your Facebook screen. Within the account security section, click the “change” link, then uncheck “secure browsing (https): Browse Facebook on a secure connection (https) whenever possible. Then click “save.”

Clicking “save” turns off the https, which means your connection is going to be less secure. So, you have three options:

  1. don’t use any apps and be more secure;
  2. use apps and be less secure, or
  3. switch back and forth.

Because of the work we do offering custom Facebook pages and working with applications — including iframes and networked blogs, we chose option two. And, so far so good!

So what do you think, readers? Would you risk the reduced security just to be free of the error messages and remain able to use third-party applications on Facebook?

The writers of this article, Karen Mazza and Sabine Schmidt, both develop Facebook fan pages.

Publish date: April 8, 2011 © 2020 Adweek, LLC. - All Rights Reserved and NOT FOR REPRINT