During this test with FF, I'm already authenticated in facebook.
As a guest on XenForo, try to view an attachment from the "Style" forum, you'll be sent to the XF log-in page and asked to sign in. I click the "login with facebook" button, and instead of seeing the attachment (because I'm already authenticated with Facebook), I get a "Forbidden" message to that attachment. IE8 correctly shows me the attachment.
Could it be my browser misbehaving, or something wrong with the state of my Facebook session?
EDIT: I added that in both cases, I'm already authenticated with facebook.