I’m was pretty sure most people still logged into Facebook using http (versus https). I asked the question at http://www.facebook.com/home.php?sk=question&id=10150175111554013 and with the rash of OBL spam that happened it looks like a bunch of people switched.
Now that they are https (secure browsing) and they land on a 3rd party tab that comes from a non secure source they’ll see this instead…
That’s not a bad thing. It used to be that if you were an https’r you wouldn’t have even seen this or the Landing Tab at all. Facebook did a great thing in delivering the warning and the ability to change your profile over temporarily. By clicking continue your account login changes to non secure (just for this session) and you’ll see what you were supposed to see. Log out and log back in again and you are back to secure.
Still, as I build new Custom Facebook Apps I want to make sure the viewer that lands on the tab using https signin isn’t presented with the popup if at all possible.
Why have a hurdle when you don’t have to – right?
So with every custom facebook application that I build I’m now also creating the same in a secure server! That way your visitors see what we’ve built on the first load of the page.
I think that’s important – don’t you?