Facebook Offers Canvas Encryption Proposal to Fix the User ID Issue

Facebook has responded to the issue of applications inadvertently sharing user IDs through HTTP referrer headers by proposing a new system for encrypting the parameters passed to applications. This Canvas Encryption Proposal stipulates that UIDs would require the receiving application’s secret key to decrypt, preventing anyone else from reading information about the user.