Facebook has unveiled plans to handle the transmission of its user IDs, under which the social networking site will not require the use of encryption, pcmag.com reported.
Facebook engineer Mike Vernal wrote in a blog post that after talking with the community, they have updated their proposed offering to use a different mechanism that provides better protection for users while minimising the impact on existing apps and eliminates the need to use encryption libraries.
As per the proposal, a UID will be embedded in a HTTP POST body, meaning not getting exposed in any HTTP referrer header at all, whether it is encrypted or not.
Vernal said that the new proposal will require minimal effort for developers and will not require encryption. "We do this by creating a [form] element targeted at the application Canvas URL."
He said that developers can turn on the "POST for Canvas (Beta)" migration on the Advanced tab of the Developer Application, on a trial basis.
A mechanism has been developed by Facebook for developers to obtain an anonymous but unique identifier for third-party IDs, called a third-party identifier.
A third-party identifier can be obtained by developers through either the Graph API or FQL, pcmag reported.