On October 1st Facebook will be making SSL certification compulsory for all its applications. The implications this has had on the project are as follows:
- Users cannot proceed to the splash page any longer if they are in secure https browsing (still works for http browsing)
- Application access tokens made compulsory for retrieving information from a page
- The splash page has temporarily been deactivated until the new solution with SSL is implemented.
- Option to purchase SSL deemed to costly and impractical for the scale of the project
- Heroku cloud services being used. Website hosting being migrated. Heroku is a wildcard SSL certified domain and will be used instead of goodreturn.dammahom.com.
- Using Heroku in testing Dev environment has indicated that load times are slower than the current hosting service, however this issue is to be addressed at a later date. Code for all applications were modified to enhance load times.
The above solution will result in a more secure site, despite security not being a main concern for these pages as it does not hold any sensitive information, it will ensure that the applications are compliant with the facebook roadmap and will not face deprecation by facebook in the short run. It is essential to note that Facebook will continually make updates to its back end and API as well as front end changes as witnessed throughout the life of this project and it is a component that will have to be monitored to ensure smooth operation of facebook applications as tabs.