I'm trying to set the height of the app by calling:

FB.init({ appId: fbAppId,
            status: true,
            cookie: true,
            xfbml: true,
            oauth: true,
            channelURL: webUrl + '/channel.html'
        });
FB.Canvas.setAutoResize();

And it doesn't work if it's on HTTP but works on HTTPS.

Sample URL: http://www.facebook.com/ListerineAU/app_300955373319633 - doesn't work https://www.facebook.com/ListerineAU/app_300955373319633 - works

Error message:

Unsafe JavaScript attempt to access frame with URL http://www.facebook.com/ListerineAU/app_300955373319633 from frame with URL https://s-static.ak.facebook.com/connect/xd_arbiter.php?version=5#channel=f35120b198&origin=http%3A%2F%2Fjwteeth.aptira.com&channel_path=%2F%3Ffb_xd_fragment%23xd_sig%3Df2eb2cde4%26&transport=postmessage. Domains, protocols and ports must match.

It seems to be error on FB ends, has anyone else experiencing this?

Apparently our company firewall is blocking the path to

http://static.ak.facebook.com/connect/xd_arbiter.php?version=6#channel=f4f408309365a4&origin=http%3A%2F%2F[domain]&channel_path=%2F%3Ffb_xd_fragment%23xd_sig%3Df1af91536f1c7%26&transport=postmessage 

Saying that it contains some insecurity on the script.

Found this listed on facebook bugs

Latest response from Facebook

Øyvind Sean Kinsey This is an expected exception that is used to test for a condition - this has no side effects. 26/04/2012 22:29 · Status changed to By Design

https://developers.facebook.com/bugs/122268321247958

Apparently our company firewall is blocking the path to

http://static.ak.facebook.com/connect/xd_arbiter.php?version=6#channel=f4f408309365a4&origin=http%3A%2F%2F[domain]&channel_path=%2F%3Ffb_xd_fragment%23xd_sig%3Df1af91536f1c7%26&transport=postmessage 

Saying that it contains some insecurity on the script.