Coca-Cola seems to have nailed it pretty well. Even before any user interaction, they manage to know where you are at their Facebook page:

This works in IE, so no HTML5 involved (and after all, Facebook won't recognize the navigator object in Javascript).

How do they do this?

First of all, I don't think it can be done using javascript. Here's how you can do it using a server side language, like PHP.

If you take a closer look of the page you provided (coca cola landing tab) you can see that selection of the country works even if the user is not logged in with facebook.

When you set up a facebook application you can provide a tab url. This is the address relative to you canvas url from which facebook serves the content when your application is added to a page (inside a tab).

If you do a var_dump of the $_SERVER superglobal variable you would see a variable named HTTP_X_FB_USER_REMOTE_ADDR. This is the IP address of the respective user. After you get the user IP address you can easily use a geolocation service to find out the country :).

Good luck!

later edit

It seems that the variable i was talking about is not available inside a tab. I just did some more tests and either the user is logged in or not you always have the POST variable called fb_sig_country which is the TLD of the country the user cmes from.

Through Facebook's app api i am sure they are able to get the ip address of the user and then do a geo ip lookup. Or facebook provides an api call that tells them what country.

EDIT:
From http://developers.facebook.com/docs/guides/canvas

In order to create a personalized user experience, Facebook sends your application information about the user. This information is passed to your Canvas URL using HTTP POST within a single signed_request parameter which contains a base64url encoded JSON object.

When a user first accesses your app, the signed_request parameter contains a limited amount of user data. In order to gain access to all the user information available to your application by default (like the user's Facebook ID), the user must authorize your application. Facebook offers a number of different ways to handle authorization ranging from the Login Button to manually performing the OAuth2.0 flow on your Web server.

> A JSON array containing the locale and country of the current user. The locale and country are always available.

You get a limited amount of information about the user, their locale and country, and only until they authorize the app can you get the default information.

You can find this very simply via PHP

$country = $_POST['fb_sig_country']

Developers who use custom tabs can leverage our new *fb_sig_country* request header to display different content based on a user’s locale. For example, if your application uses a custom tab to show the latest World Cup standings, you can use fb_sig_country to present highlights for a user’s country. (Note: if you use fb_sig_country, you must also handle the case where the field is blank, because you might not have content for every country in the world.)

via http://developers.facebook.com/blog/post/394

Facebook passes the current user's country and locale in the user portion of the signed request. Read up here: https://developers.facebook.com/docs/authentication/signed_request/

It's also possible to use normal geo-ip methods if you have an iframe application (which is now required, so most likely you do). MaxMind provides javascript-based detection as well as databases for use on the server side. It's free if you include a link back to maxmind.com somewhere in your app. http://www.maxmind.com/app/javascript_city