We have an app that posts to a Facebook user's page, after getting the proper permissions, of course. Using Facebook Login for authentication, we used to be able to use wildcards for the "Allowed Domains for the JavaScript SDK" part. It seems that is no longer allowed? We have a single app that will be used for all our clients. Each client account has its own subdomain, where the javascript authentication calls come from. There is no realistic way for us to manage this without wildcard subdomains. Any thoughts here?