Either use or don't use HTTPS

The risk of injection attacks using HTTP is too great to allow a
site that allows both HTTP and HTTPS...

plugins/FacebookBridge/FacebookBridgePlugin.php

@@ -472,30 +472,6 @@ ENDOFSCRIPT;
         return true;
     }
 
-    /*
-     * Use SSL for Facebook stuff
-     *
-     * @param string $action name
-     * @param boolean $ssl outval to force SSL
-     * @return mixed hook return value
-     */
-    function onSensitiveAction($action, &$ssl)
-    {
-        $sensitive = array(
-            'facebookadminpanel',
-            'facebooksettings',
-            'facebooklogin',
-            'facebookfinishlogin'
-        );
-
-        if (in_array($action, $sensitive)) {
-            $ssl = true;
-            return false;
-        } else {
-            return true;
-        }
-    }
-
     /**
      * If a notice gets deleted, remove the Notice_to_item mapping and
      * delete the item on Facebook