Graph API Access without HTTPS
I have following question: Can I communicate with Graph Api without using HTTPS protocol, only usual HTTP ?
I want to circumvent this, because it is one of the requirements of my customer. However, since the requirement also includes access to开发者_运维技巧 private data - I'll explain the situation to him.
Thanks Everybody for useful answers!
You need to use https when passing an access_token as iggy stated.
Example: http://graph.facebook.com/search?q=platform&type=page
Error: http://graph.facebook.com/search?q=platform&type=page&access_token=2227470867|2.AQD0zuvucVwGh206.3600.1314345600.0-732484576|VV_q-blMVfkOyZfJvd-27uvYkn4
{
"error": {
"type": "OAuthException",
"message": "You must use https:// when passing an access token"
}
}
You can access it over HTTP if accessing data which is publicly accessible, but if the information you require needs an access token to be passed, the call must be over HTTPS
No. You're passing what are effectively bearer access tokens over the wire. This needs to be done over an encrypted over the wire to avoid risking your users' privacy
AFAIK no - that's one of the security measures... why would you want to circumvent that ?
精彩评论