My site uses simplemodal with an iframe for sharing options. If a user tries to share using twitter and has not yet authorized my app, then I would like to open the authorization page (http://twitter.com/oauth/authorize) within the iframe.
After hours of troubleshooting a blank page in the iframe, I read that twitter does not support iframes. I’m currently working around by opening the oath page in a new window, which then closes on redirect, but it feels much more clunky.
Is there a security risk in having the oath page load in an iframe?