Back to News for Developers

Platform Updates: Operation Developer Love

September 5, 2012ByZhen Fang

Since last Wednesday's update, we published a Developer Spotlight on Tripl, launched a new Notifications API to reach users 1:1, and Updates to the Graph API.

Improvements to the Facebook SDK for Android

We’ve released an update to the Facebook SDK for Android that includes stability improvements as well as support for our mobile ads for apps beta program, which will help us provide you with information about the effectiveness of your ads and the use of your app.

Update to Graph API for Scores and Achievements

We have made the Graph API for scores and achievements more flexible by removing the requirement that you use an app access token to publish. Instead, you can use a user access token, which allows you to publish scores and achievements directly from the client. This means that using the API for scores no longer requires building out a server component. However, you will still need a server to host the open graph objects for achievements. If you are already using the API with an app access token, you can continue to do so without impact. This is not a breaking change. For more details please refer to our scores and achievements documentation.

Facebook for iOS App: Fix for Login URL Regression

We identified an issue in the new Facebook for iOS (v5.0) app that may affect a small number of iOS apps. The URL returned at the end of Facebook Login changed format and uses a ? delimiter instead of a #. The Facebook SDK for iOS handles this and parses the URL correctly, but apps that parse the URL without the SDK may be affected. We only know of a handful of apps affected by this behavior and are working on a fix for the Facebook app.

Testing Subscriptions

Subscriptions now supports test users. This will allow you to more easily test your subscriptions implementation end to end. For more information see the subscriptions and test users documentation."

Breaking Changes Effective Today

As announced in June, the following breaking changes are effective today, September 5, 2012:

  • Deleting FB.Canvas.setAutoResize
  • Built-in actions required for watching and reading
  • Renaming 'likes' property of Comments and 'votes' property of QuestionOptions
  • Minor change to admin.getAppProperties call
  • Returning actual size in photo_src table

Announcing December 2012 Breaking Changes (90-Day Notice)

Per our 90 day Breaking Change Policy, the following changes will go into effect on December 5th, 2012:

Removing the Static FBML Page tab app
We removed FBML in July of this year so any FBML code that was being used in the Static FBML Page app would have stopped working at that time. However, the Static FBML Page app is still able to render plain HTML. On December 5th, we will remove the Static FBML Page app and any Static FBML tabs you had installed on your Page will disappear. To replace any Static FBML tabs you may be using, we recommend you either host your own content and create your own Page tab or search the web for "Static HTML Facebook Page Tab" to find a replacement.

New policies for desktop web games off of
The following policies will go into effect:

13a. Desktop web games off of may only use Facebook Login (Authentication, excluding user connections such as friend list), Social Plugins and publishing (e.g., Feed Dialog, Stream Publish, or Open Graph). When authenticating, these games may not request additional permissions other than age, email, and our Publishing Permissions.

13b. Games on and mobile must not share the same app ID with desktop web games off of You must not use Canvas apps to promote or link to game sites off of Facebook, and must not use emails obtained from us to promote or link to desktop web games off of

For more information, check out the Platform Policies.

The following changes can all be enabled/disabled using the "December 2012 Breaking Changes" migration until December 5th when they will go into effect permanently for everyone:

New security restrictions for OAuth authorization codes
We will only allow authorization codes to be exchanged for access tokens once and will require that they be exchanged for an access token within 10 minutes of their creation. This is in line with the OAuth 2.0 Spec which from the start has stated that "authorization codes MUST be short lived and single use". For more information, check out our Authentication documentation.

Stripping HTML from Page description field
As some Page descriptions contain HTML, we will begin stripping HTML tags from the description column/field of the Page FQL table and the Page Graph API object so as to not require you to parse/render HTML when using a Page description. We will add a description_html column/field that will contain the description including the HTML tags (as description used to contain). The description_html Graph API field will not be returned by default. It will have to be explicitly requested by including a ?fields=description_html parameter in your Graph API GET request.

Graph API will return full Custom Open Graph objects
We will begin returning full Custom Open Graph objects (including custom-defined fields) via the Graph API when requesting them using the id parameter (e.g. Currently we only return the id and shares fields for these objects.

Check out the Developer Roadmap for more info.

Bugs activity between Wednesday, August 29 and Wednesday, September 5

  • 175 bugs were reported
  • 36 bugs were reproducible and accepted (after duplicates removed)
  • 16 bugs were by design
  • 51 bugs were fixed
  • 55 bugs were duplicate, invalid, or need more information

Bugs fixed between Wednesday, August 29 and Wednesday, September 5

Activity on between Wednesday, August 29 and Wednesday, September 5

  • 436 questions asked
  • 315 questions with a score of 0 or greater
  • 118 answered, 37% answered rate
  • 187 replied, 59% reply rate