While I respect sticking to your guns, I don't think we're putting that genie back in its bottle. Maybe a reasonable middle ground, like a less-fraught version of the HTTPS redirect, would be to have any requests containing unknown query parameters redirect to the URLs with those parameters stripped. It does nothing to deter the people slapping them on there, but at least your visitors don't spread that plague by sharing your URL.
Of course, it all comes with the problem of needing to define up-front which query parameters your app accepts. Easy in a small app, wildly impractical in a large one with plenty of legacy code.
Better yet, send people to a trampoline page saying "You have followed a broken link. Did you mean to visit ...". Let people get the content, but rub their face in the fact that Facebook is breaking things.
What is that even supposed to accomplish other than signalling to the visitors that a) you dislike Facebook, b) you don't mind punishing others for what you perceive to be Facebook's wrongdoings? Make them abandon Facebook? Make them make Facebook to do things your way?
It probably wouldn't have any effect on Facebook. But if every link from Slack was hitting a page like this, Slack would fix it, because it makes them look stupid to their technical audience.
Of course, it all comes with the problem of needing to define up-front which query parameters your app accepts. Easy in a small app, wildly impractical in a large one with plenty of legacy code.