Building a Facebook app on a host without HTTPS/SSL Support

Recently (Yesterday) I was confronted with the ugly fact that Facebook REQUIRES SSL for your application. Now there are quite a number of free services out there that give shared ssl support, however, I was quite happy with my current hosting provider and did not want to shift my database and files to a group I knew nothing about. So here is an extremely simple and easy to do tutorial for everyone who feels the same.

The Realization

After playing around with Facebook, I realized that I can navigate away from HTTPS at any time. Its only required by Facebook that the URL you enter into Facebook for your app is an HTTPS url. And that gave me the idea for a simple redirect script!

The Requirements

Now, unfortunately, you still need some provider with some sort of ssl. Fortunately, Heroku does just that and was quite simple to setup and its free (And no, you don’t have to move your application over to them, keep reading). If you’d like to use another provider, or maybe you own a server with ssl support, you are most welcome to use that instead.

The Code

Now create a php file with the following code:

header( 'Location:' );

The Facebook

Point your SSL link on Facebook to this php file, and tada! Facebook accepts the url, upon loading the URL in the iframe, php redirects it to your non-ssl application, and none of your code had to be moved anywhere.

Hope this helpes someone!

DISCLAIMER: This bypasses SSL for your Application and thus decreases the level of security. However, for a testing environment, and for most “non-personal” information, this should be perfect for your needs…