how to get facebook profile image real url in https

Question

I am wondering if there is a way to get facebook user profile image's real url in https.

Like I use https://graph.facebook.com/20926460/picture to get a the profile image,

It will redirect to http://profile.ak.fbcdn.net/hprofile-ak-snc4/41539_20926460_5421452_q.jpg.

Is there a way to get the "https" version of the second url? or is the url existing?

Answer 1

Update 10 sept 2012

https://graph.facebook.com/20926460/picture now redirects to https urls.

Answer 2

This might have changed in the docs since you last looked, I know everyone got excited about https after that snooping tool came out.

"If you need a picture to be returned over a secure connection, you can set the return_ssl_resources argument to 1: https://graph.facebook.com/xx_userid_xx/picture?return_ssl_resources=1."

Hopefully that won't redirect you.

Answer 3

You can just replace http by https in the target url but keep in mind that it is only temporary and may time out.

there is also no valid ssl certificate, but if you ignore that, the file will be served.

if you need a valid certified https url for pictures you need to set up a proxy script on your server that passes through the file.

edit:

as for your comment here is an example of what i meant by "proxy script".

you can put it on your server and request it with whatever protocl/scheme you like.

just like it was a local picture. you should probably validate the mime type. do some error handling and prevent injections etc. but just to give you ap icture:

<?
header("Content-Type: image/jpeg");
echo file_get_contents('https://graph.facebook.com/'.intval($_GET["id"]).'/picture');

fyi i put the int cast there to prevent injection hacking.

script is untested but should work as file_get_contents will follow redirects.