Caveats when developing Facebook applications in Flash

The number of eyeballs and the ability to socially spread awareness of the app make Facebook the online development platform.

After developing several Facebook applications, I’ve found several tripping points that I thought I’d document to help those who find themselves in the same position.

1. Images
The images returned from Facebook APIs live in an increasing number of places.  Primarily, they live on the Facebook CDN servers.  But to make things hard on you, some don’t.  Some live on servers that lack cross-domain policies. When loading in images, be sure to account for potential security errors. I filter loads to only come from  Also, I set my load logic up to only load files ending with .jpg.  Why?  Because the default facebook silhouette image is a .gif, and resides on, which lacks a cross-domain policy.

2. Internet Explorer
When making secure calls (HTTPS) in Internet Explorer, Flash geeks out on the cache, and does not return a result.  Most Facebook API calls are done over HTTPS, which creates a predicament.  As a workaround, I proxy traffic using a Zend PHP proxy when I see that the user is using IE.  Hopefully this gets resolved soon.

3. Profile albums
On occasion, it appears that Facebook albums become corrupted.  When this happens, when mousing over a link to the album on Facebook, the user will see that the album id is -3.  When querying for these photos using the Graph API, the returned dataset will be empty.  The bug is detailed here.  A workaround is to fallback to FQL, which will return the proper photos.

Edit - Feb 1.
4. Empty FQL results
If you’ve tested FQL queries using Facebook’s FQL test harness, and are seeing the data you expect, and get to your application, and see {} and [], be sure to check the permissions you’ve granted the application.  The FQL test harness appears to operate with full permissions, so every query comes back with a plentiful bounty of data.

Edit - Mar 23
Not really a Flash-related issue, but with Facebook’s new feature for users to browse using HTTPS, Canvas-based apps must now be browsable as HTTPS.  Get those SSL certificates out, kids.

Posted by on 01/10 at 10:55 AM






Remember my personal information

Notify me of follow-up comments?

Next entry: Convo

Previous entry: Compare internet files with ease!

<< Back to main