Contact Us
  • Facebook Curbs "Like-Jacking" with a Confirm Dialog after User Clicks an External Like Button

    Recently, we were doing some testing of Facebook social plugins on an external website, which involved a lot of Liking and Unliking, and deleting the Likes from the test-user page.

    Just when we thought we had it all working and were giving it one last test, I clicked on the Like button and — whoa! — the popup dialog appeared and quickly disappeared and the Like button was replaced with hyperlinked text “Confirm”:

    Facebook Like-jacking Confirm Button

    Clicking on the “Confirm” link then spawned the popup dialog:

    Popup Dialog for Confirming Like

    Once I “confirmed” the Like by clicking the Like button in the popup dialog, it posted on my Wall.

    Facebook explains why it implemented the Confirm button — Like-jacking

    Eugene Zarakhovsky, an admin on the Facebook Platform Developer Forum, stated:

    The confirm button is a response to the recent batch of like-jacking attacks on the Like buttons. In certain cases when we suspect a page might be involved in like-jacking based on usage patterns, we include the additional Confirm step.

    Unfortunately we have no way to manually unlock a site – this is only automated for now.

    It will also only impact a very small percentage of likes on a site where the users are aware they are Liking something — so it should not have significant impact on traffic (also users are in fact clicking Confirm).

    Negative feedback from users (for example, removing the Like story from their feed or marking it as spam) will increase the chance of seeing the Confirm dialog. My apologies again for having to be vague. I am still working on minimizing the impact of this while stopping likejacking.

    So if this happens to you, you’ll just have to be patient. Your Like buttons will eventually revert to the normal behavior.

    Read the full discussion about the “Confirm” link and Like-jacking, on the Platform Developer Forum.

    Once I discovered the reason for this, I decided to share it here.

    Additional Resources


    1. Has yours gone away yet?  Its been 3 weeks and we are clearly not like-jacking.  Ours still remain the same.

    2. Yes, ours did go away after a week or so, but we were just doing lots of testing of the Like button, liking and unliking many times to see what got posted.
      Were you doing the same thing, doing lots of testing or something? If yours persist, you may be getting like-jacked, although I have no idea how you’d find out.

    3. Jagjot Singh says:

      the like is coverting in confirm hyperlink .. and it is not correcting .. here is my blog’s link

    Speak Your Mind