How come the "No, Thanks" button opens the callback url in a new window/tab?

[Nathan Rajlich]

My scenario is that we are opening that authorization page in a popup window via `window.open()`. When the user clicks "Allow", the popup window is redirected back to our server, and a page is returned that notified the opening page (the main window) that authorization is complete, and closes the popup window.

This flow breaks when the user clicks on "No, Thanks". This is because for some reason Twitter is opening the callback url, with the ?denied query-string, in a new window/tab. This leaves the auth popup window open unnecessarily, and no event being passed back to the original page.

In my opinion, Twitter should be simply redirecting the current window, not opening a new one, when the user rejects permissions. Or is there a better place to bring this up with the Twitter team (bug tracker?). Thanks in advance!