开发者

Graph API Access without HTTPS

I have following question: Can I communicate with Graph Api without using HTTPS protocol, only usual HTTP ?

I want to circumvent this, because it is one of the requirements of my customer. However, since the requirement also includes access to开发者_运维技巧 private data - I'll explain the situation to him.

Thanks Everybody for useful answers!


You need to use https when passing an access_token as iggy stated.

Example: http://graph.facebook.com/search?q=platform&type=page

Error: http://graph.facebook.com/search?q=platform&type=page&access_token=2227470867|2.AQD0zuvucVwGh206.3600.1314345600.0-732484576|VV_q-blMVfkOyZfJvd-27uvYkn4

{
   "error": {
      "type": "OAuthException",
      "message": "You must use https:// when passing an access token"
   }
}


You can access it over HTTP if accessing data which is publicly accessible, but if the information you require needs an access token to be passed, the call must be over HTTPS


No. You're passing what are effectively bearer access tokens over the wire. This needs to be done over an encrypted over the wire to avoid risking your users' privacy


AFAIK no - that's one of the security measures... why would you want to circumvent that ?

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜