URLs redirect to spyware site
I'm not 100% sure what you're asking here, but i'll tell you what I know:- are you referring to this screen on Facebook?
![Screenshot of interstitial]](https://i.stack.imgur.com/sqTCk.png)
(or rather, the variation of that screen which doesn't allow clickthrough?)
- If you manually send a user to facebook.com/l.php?u=something they'll always see that message - it's a measure to prevent an open redirector
- if your users are submitting such links, including the l.php link, you'll need to extract the destination URL (in the 'u' parameter)
- If you're seeing the l.php URLs come back from the API this is probably a bug.
If links clicked on facebook.com end up on the screen it's because facebook have detected the link as suspicious (e.g. for URL redirector sites - the screen will allow clickthrough but warn the user first) or malicious/spammy (will not allow clickthrough)
In your app you won't be able to post links to the latter (an error will come back saying the URL is blocked), and the former may throw a captcha sometimes (if you're using the Feed dialog, this should be transparent to the app code, the user will enter the captcha and the dialog will return as normal)
If this isn't exactly what you were asking about please clarify and i'll update my answer
Rather than add to the question, I thought I'd put more details here.
It looks like the Facebook mention in the original title was mis-directed, so I've removed it.
We still haven't got to the bottom of the issue.
However, we used both Wireshark and Fiddler to look at the HTTP traffic between the Chrome browser (on the PC) and Facebook. Both showed that Facebook was returning the correct URL refresh.
Here's what Wireshark showed:
What we saw on Fiddler was that our server is issuing a redirect to the spywaresite.info site:
We are working with our ISP to figure out what is happening here.