
Facebook Connect was down - arrel
https://www.facebook.com/dialog/permissions.request?client_id=113869198637480&response_type=token%2Csigned_request%2Ccode&display=none&domain=developers.facebook.com&origin=1&redirect_uri=https%3A%2F%2Fs-static.ak.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D18%23cb%3Df316d2040c%26origin%3Dhttps%253A%252F%252Fdevelopers.facebook.com%252Ff3d7317998%26domain%3Ddevelopers.facebook.com%26relation%3Dparent&sdk=joey
======
burnout1540
Not only is it down, but it's redirecting everyone who visits a site with FB
Connect on it to this error page. For example: <http://www.economist.com>

~~~
tokenadult
The site

<http://www.economist.com/>

works fine for me, perhaps because I have never used Facebook to log into it.

AFTER EDIT: Replying to the kind reply to this comment, I am ALWAYS logged in
to Facebook (with AdBlock Plus and Social Fixer and Ghostery activated, using
Chrome), and I was surfing all over the Web completely normally while sites
were reported to be redirecting. So maybe something different about my set-up
protected me from the problems many other users observed today.

~~~
pserwylo
With Ghostery running, it should not even load anything from a Facebook
domain. The (buggy) code to redirect people to facebook.com would no doubt be
served fromFacebook themselves. Stopping that code from being served to your
browser means they can't redirect.

I absolutely love Ghostery and other related tools.

------
mxxx
A perfect case study in why the current practice of "just add a script tag
with 'facebook.com/whatever.js' into your page and all your LIKE buttons will
work magically!" is an absolutely terrible idea.

~~~
benihana
'Absolutely terrible' is a just a _wee bit_ hyperbolic. It is an idea that has
positives and negatives, but you only notice it when it does this. And how
many times has it done this since they've implemented it?

~~~
yogo
Broken behavior related to this happens quite often actually. I've had sites
that were bitten by this or some variant. If you follow the Facebook bug
tracker it comes up every now and then (it might be localized to a degree in
some cases). They do move fast and I think fix it quickly in most cases. In
fact there was something that was broken just last week here on HN but the
behavior wasn't something that affected so many sites to this degree.

------
jemfinch
Hulu seems to have N-1 redundancy: with Facebook Connect down, I can't even
login using my non-facebook Hulu account.

------
feint
I just removed the FB connect code from Pen.io - Causing automatic redirects
for all logged in users. Luckily it was easy to kill for us and won't cause
users any issue with logging in.

~~~
foxylad
Our three sites are now free of Like buttons. It would be interesting to see
how many disappeared today.

------
taylorbuley
Should we be surprised?

Facebook Connect was deprecated in 2010

[http://mashable.com/2010/04/21/facebook-kills-facebook-
conne...](http://mashable.com/2010/04/21/facebook-kills-facebook-connect/)

~~~
hayksaakian
As a brand.

from the same article: " Instead, the company is standardizing the
interactions between Facebook and third parties via Facebook's new Open Graph
protocol and the OAuth 2.0 standard."

------
TheYComb
They just fixed. I saw the same problem on zendesk (video attached):
<http://news.ycombinator.com/item?id=5185484>

------
DigitalSea
This outage goes to show that a lot of people who have implemented Facebook
Connect are doing it wrong. If the only way people can login to your website
or application is via Facebook then you deserve every bit of downtime you get
(cynical, but true). You should never solely rely third party service at any
time, regardless of how big to fail they appear to be. Always allow a user to
login more ways than one.

------
saurik
Facebook logins for mobile web pages is also failing for many users (which
Facebook considers "Priority: Low"). Facebook has been having serious blocking
issues for days.

<https://developers.facebook.com/bugs/331103197009388>

------
gagan2020
This might be because of - February 2013 Breaking Changes Now Live
[https://developers.facebook.com/blog/post/2013/02/06/platfor...](https://developers.facebook.com/blog/post/2013/02/06/platform-
updates--operation-developer-love/)

And, they are surely breaking.

~~~
hc5
This is my guess as well - our app updated and Facebook connect works just
fine.

------
gisikw
Move Fast and Break Things

------
jacques_chester
Fitocracy had this earlier.

I poked around a bit. When you include Facebook's JS, it calls on a PHP file
which (inter alia) returns a <meta> tag with a redirection instruction taking
you to the broken page.

------
zopticity
As pointed out in the previous post, you should not rely 100% on Facebook as
your Auth gateway. You should have an alternative for your users to login in
case of something like this happens.

~~~
kevin_morrill
This breaks people who have all kinds of other login options. For my site we
had to actually exclude the FB JS from our site to prevent the redirect.

------
foxylad
See <http://news.ycombinator.com/item?id=5185600>. Every page with a FB Like
button on it went to that FB error page.

------
27182818284
Does this only affect those logged in to Facebook? I quit Facebook for a year
so I'm not sure whether it is fixed or whether I was just not bothered by it
at all

~~~
cadr
Yes, that seems to be the case. Also, it has just apparently been fixed.

------
porterhaney
I'm surprised the redirect loop can even happen. Seems malicious. Another
example: <http://www.usatoday.com>

------
josh2600
Again, building large things on big proprietary services is a bad idea unless
you understand what you're getting into.

I can almost guarantee that the folks that implemented FB connect didn't
understand that the failure mode could forward all traffic to FB. I have no
idea how that could become a rational design decision.

------
aj700
So one day, Mark says to Bill, "Call THAT a monoculture? I got your Central
Point of Failure right here!"

------
kevin_morrill
Appears to be "fixed" now. Economist.com no longer redirects. FB's own
developer pages (<https://developers.facebook.com/roadmap/>) used to manifest
this too, and no longer do.

------
ClifReeder
Seems to be not redirecting anymore, but it definitely was for a while.

------
Lightning
It's been fixed. The status page doesn't mention the blip though:
<http://developers.facebook.com/live_status/>

~~~
noahth
Entertainingly, that page was among those affected.

------
robertfw
This pushed us to implement a kill switch for our facebook functionality.
Something we'll keep in mind the next time we're integrating with third party
services.

------
joebeetee
Wow - it's asking me to re-auth the developer app. This is a big bug and we've
been very badly bitten by it. Not going to make the same mistake again.

------
lanthe
Seems fixed now.

------
wangarific
A clever way to take over the Internet.

------
citricsquid
If you're affected by this logging out of Facebook stops the redirect
happening.

~~~
jonursenbach
Tell that to the millions of users who are just going to blame this on the
sites that it's happening to. What a clusterfuck.

------
allsystemsgo
Hmph. And I was just sitting down to do a iOS Facebook connect tutorial.

------
jonchang
Works for me. I just signed into two separate sites with FB Connect.

------
taf2
memories of long nights hacking around facebook bugs... here's to paid
services that don't need facebook!

------
brennenHN
Quick, integrate with clef.io instead!

~~~
callahad
Or give up closed, centralized systems altogether and take a look at Mozilla's
Persona project -- the open web deserves open, federated authentication
systems.

(N.B.: I work on Persona, and it _does_ have a centralized fallback for
bootstrapping browsers and identities. The difference is that the
centralization is temporary, optional, and automatically goes away over time.)

------
smartazzwhole
This is ruining my life.

------
Kiro
It's still worth it.

