[twitter-dev] OAuth login in an IFRAME?
We'd like to perform the OAuth login in an IFRAME, but Twitter redirects the window.top to the page if it detects that it's IFRAME'd. Is there a reason why we *must* show a window.open()? The reason why this is an issue is because the window.open() approach is not modal, i.e. we cannot force the pop-up in focus. This becomes a real usability issue for the users who, say, accidentally, clicks back into the opener window and doesn't realize that there's another window open that they cannot get to now without Alt+Tab or finding it in the taskbar (assuming the user's even using Windows).
Re: [twitter-dev] OAuth login in an IFRAME?
hi. i think this is one of the general frustrations with oauth - the whole idea is that the customer would see that the URL bar has a secure twitter.comURL. i'm not sure how you would demonstrate that if in an iframe. On Tue, Dec 22, 2009 at 12:48 PM, jxdavis jxda...@godaddy.com wrote: We'd like to perform the OAuth login in an IFRAME, but Twitter redirects the window.top to the page if it detects that it's IFRAME'd. Is there a reason why we *must* show a window.open()? The reason why this is an issue is because the window.open() approach is not modal, i.e. we cannot force the pop-up in focus. This becomes a real usability issue for the users who, say, accidentally, clicks back into the opener window and doesn't realize that there's another window open that they cannot get to now without Alt+Tab or finding it in the taskbar (assuming the user's even using Windows). -- Raffi Krikorian Twitter Platform Team http://twitter.com/raffi
Re: [twitter-dev] OAuth login in an IFRAME?
Have a look at how Facebook handles it. When they do a window.open() there is a notification in the existing window directing the user to look for the new window. When the new window closes the notification automatically goes away. Look under Linked Accounts: https://register.facebook.com/editaccount.php Screenshot of the notification: http://www.flickr.com/photos/4braham/4207503740/ On Tue, Dec 22, 2009 at 14:48, jxdavis jxda...@godaddy.com wrote: We'd like to perform the OAuth login in an IFRAME, but Twitter redirects the window.top to the page if it detects that it's IFRAME'd. Is there a reason why we *must* show a window.open()? The reason why this is an issue is because the window.open() approach is not modal, i.e. we cannot force the pop-up in focus. This becomes a real usability issue for the users who, say, accidentally, clicks back into the opener window and doesn't realize that there's another window open that they cannot get to now without Alt+Tab or finding it in the taskbar (assuming the user's even using Windows). -- Abraham Williams | Awesome Lists | http://awesomeli.st Project | Intersect | http://intersect.labs.poseurtech.com Hacker | http://abrah.am | http://twitter.com/abraham This email is: [ ] shareable [x] ask first [ ] private.