I find this a difficult question to answer.
I set up my facebook app with the following options:
Page Tab URL: https://www.myapp.com.br/ Secure Page Tab URL: https://www.myapp.com.br/
(both are secure URLs and use the HTTPS protocol)
Browsers like Firefox and Safari work fine by sending a POST request to the server when I open a page with http or https protocol.
However, Google Chrome does a GET request when using facebook with http. This request does not contain signed_request.
I spent a lot of time trying to fix this, and I still don't understand why this is happening. Can someone explain and provide a solution?
Update (more)
The application was written using Ruby on Rails. It has been deployed with Nginx + Passenger. The following is the application configuration with nginx:
server { listen 80; listen 443 default ssl; server_name www.myapp.com.br; passenger_enabled on; root /my/app/rails/folder/public;
Rails configuration - forced ssl.
Nginx access log with Firefox request on facebook page tab:
201.87.25.128 - - [25 / November / 2011: 19: 16: 47 -0200] "POST / HTTP / 1.1" 200 9693 "http://static.ak.facebook.com/platform/page_proxy.php? V = 4 "" Mozilla / 5.0 (Macintosh; Intel Mac OS X 10.7; rv: 6.0.2) Gecko / 20100101 Firefox / 6.0.2 "
Nginx Access Log with Google Chrome request on facebook page tab:
201.87.25.128 - - [25 / November / 2011: 19: 19: 07 -0200] "GET / HTTP / 1.1" 200 9678 "http://static.ak.facebook.com/platform/page_proxy.php? V = 4 "" Mozilla / 5.0 (Macintosh, Intel Mac OS X 10_7_2) AppleWebKit / 535.2 (KHTML, e.g. Gecko) Chrome / 15.0.874.121 Safari / 535.2 "
Nginx access log with Google Chrome requesting to the SECURE page tab on the facebook tab:
201.87.25.128 - - [25 / November / 2011: 19: 18: 43 -0200] "POST / HTTP / 1.1" 200 9678 "https://s-static.ak.facebook.com/platform/page_proxy.php? v = 4 "" Mozilla / 5.0 (Macintosh, Intel Mac OS X 10_7_2) AppleWebKit / 535.2 (KHTML, e.g. Gecko) Chrome / 15.0.874.121 Safari / 535.2 "