Friday, July 23, 2010

Secure Connections to Facebook

For the past 2 days I was plagued with constant blank pages whenever trying to visit Facebook. I tried adding an "s" to http://facebook.com and viola! It opened!

I was surprised because I did try that a few months back and it didn't work, which made me think: Why isn't Facebook advertising the fact that it supports SSL?! I certainly wouldn't want my corporate admins to be snooping on my status updates or picture uploads/views!

But since this is Facebook, there's yet another disappointment: They use full URLs rather than relative ones. This means that when you click a link to comment or a profile, you'll be sent using HTTP and not HTTPS (no security/encryption). That's retarded.

Thankfully, there's an addon for FireFox called Force-TLS which forces the use of HTTPS even when the link you're being redirected to is HTTP.

No comments: