4

On https://www.eventhello.com/overridden_routes/not_mobile, I have an iFrame displaying the mobile version of our application. When from within the iFrame a visitor tries to connect with LinkedIn, Twitter, or Facebook using OAuth, it takes over the parent window.

Is there any way to have the open auth open in a new window and then go back to the iframe within the parent window when complete?

BWelfel
  • 532
  • 6
  • 20

1 Answers1

4

I don't believe this is possible nor wanted behavior. The user would be unable to confirm the URL they are accessing. I certainly wouldn't enter my credentials into an iframe.

GregSchoen
  • 404
  • 3
  • 9
  • That makes sense... I edited the question to find a middle ground that would make the user experience secure and not take the parent window away from the page. – BWelfel Jul 10 '11 at 17:20
  • You could try to close the window when the callback returns, but it probably won't be supported in all browsers. That's more of a Javascript question. – GregSchoen Jul 10 '11 at 17:29
  • 1
    The main reason not to allow framing of pages wherein you enter passwords or other credentials is clickjacking. – Jon Nylander Jul 10 '11 at 18:28