Steemconnect disallowed loading via iframe, see PR on Github. I’ve updated the Finallycomments iframe to open a popup instead. On successful authentication with Steemconnect the original iframe will reload and the popup window will close. This is standard practice for 0Auth in this situation and will feel familiar if you’ve used Twitter sign-in/tweet from an external site or similar etc.
This is an important security update for Steemconnect. It reduces the chance someone could maliciously use the Steemconnect auth process to Phish sensitive info.
The sign-in flow isn’t quite as nice as before but there is not another option.
Updates
I’ll be working on more updates to finally in the near future. Most likely guest comments first then i’ll look at working towards a Wordpress plugin.
Let me know if there are any issues or requests. 🚀
p.s thanks to @reazuliqbal for fixing a ‘typo’ (aka a variable name that would have caused issues later down the line) in the Finally repo. 👊