I searched the forums and apparently nobody noticed yet: authentication performed via iframe seems to be broken from today. I don't have a simple page, but a MochaUI platform (web destop) app which loads OpenID auth into virtual windows via iframe. I tested even with a simple page like...
<iframe src ="https://open.login.yahooapis.com/openid/op/auth?... "> <p>Your browser does not support iframes.</p> </iframe>
The 302 headers cause the whole page to refresh diverting users to yahoo.com.
Does anyone know how to solve this, or can anyone of the Yahoo team restore it as it was before?