Red Bull is renowned in some circles for the strength of its Facebook business page, particularly among marketers who admire its clear "call to action" for visitors to click that "Like" button. Yet, thanks to the pace of change on the Facebook platform, which renders one day's best practices obsolete the next, the Red Bull page is broken as I write this--or at least appears broken to some users.
I point this out not to ridicule Red Bull's Web developers but to sympathize with them. Many Facebook applications and page tabs that were created in the last month or two to take advantage of one change in the Facebook platform (the FBML to IFrames shift) have been tripped up by another change ("secure browsing"). I've spoken with many small website operators who rushed to create or redesign their Facebook page tabs to fit the new specification and now are discovering that their pages don't display properly for everyone.
Instead, they get an error like the one I saw when I tried to visit the Red Bull page: "Sorry! We can't display this content while you're viewing Facebook over a secure connection (https). Would you like to temporarily switch to a regular connection (http) to use this app?" This goes to show it's not only the little guys who got caught flatfooted.
What is happening here is that Red Bull has created a welcome message to be viewed when a new person visits the page, with lots of colorful errors pointing to the "Like" button at the top of the page and the message "LIKE OUR PAGE. HINT, HINT." There is no prize for subtlety here--the virtue is in removing all doubt about what visitors are being asked to do. I went to this page in the first place looking for outstanding examples of this "reveal tab" effect, where special offers are typically displayed once you've signed up. I'd found it on a list of 40 Highly Effective Facebook Business Pages.
Previously, the only way to create a page tab was to program it in Facebook Markup Language (FBML). You could serve a page as FBML from a remote site, but Facebook would proxy it--importing the content from your site, processing it, and then serving it from Facebook.com. The IFrame integration method is more flexible in many ways, but it effectively means you are viewing two pages at the same time--the outer facebook.com page and a second page embedded within the IFrame. In this case, the content is coming from an external Web page on a server that appears not to have an SSL certificate installed. If a user is browsing in https mode and no matching https address has been supplied for a tab's content, Facebook refuses to display mixed secure and insecure content. So the default content for the Red Bull Facebook page--the bit that's supposed to convert you to everlasting fandom--isn't shown if you're an https user unless you click the "okay, show me this horribly insecure content" button.