W3C home > Mailing lists > Public > public-html@w3.org > January 2010

Re: <iframe> operation

From: Joe D Williams <joedwil@earthlink.net>
Date: Sun, 24 Jan 2010 15:39:13 -0800
Message-ID: <5981993B049242148C200E5EDFD1184C@joe1446a4150a8>
To: "Joe D Williams" <joedwil@earthlink.net>
Cc: <public-html@w3.org>
I think <iframe> and its treatment in HTML5 is very important. It can 
be a fun, relatively lightweight element for html5 native code and 
maybe even non-native plugins. There are some meaningful "sandbox" 
security features to help the author extend safe reach by conveniently 
importing content by the html document.
Now in continuation school just to learn more about <iframe> features, 
especially in relationship to <object>, I started with these, 
intending to add markup to iframe and object elements and some content 
including some scripting and plugin tests, and ooh yes, maybe about 
iframe @srcdoc and @src using data.

If anyone has any thoughts or keystrokes that might show something 
please send or point.

http://www.hypermultimedia.com/HTML5/indexiframe.htm

http://www.hypermultimedia.com/HTML5/indexobject.htm

Thanks Again and Best Regareds,
Joe
http://www.hypermultimedia.com/HTML5/

IFRAME Seamless
 no seamless - browser default actrion makes iframe content block 
identifiable
 seamless - no browser action to make iframe content identifiable

IFRAME Sandbox
 no sandbox - anchor in iframe replaces document
 sandbox - anchor in iframe replaces iframe

 no sandbox - external urls available (css, img, script, etc loaded)
 sandbox - no external urls available (css, img, script, etc not 
loaded)
 sandbox='allow-same-origin' - absolute same origin urls allowed

 no sandbox - iframe script to change iframe works
 sandbox - iframe script to change iframe fails
 sandbox='allow-scripts' - iframe script to change iframe works

 no sandbox - iframe script to change host works
 sandbox - iframe script to change host fails
 sandbox='allow-scripts' - iframe script to change host fails

 no sandbox - form in iframe works
 sandbox - form in iframe fails
 sandbox='allow-forms' - form in iframe works

basic: no scripted window.open()
child iframes inherit parent iframe sandbox
Received on Sunday, 24 January 2010 23:39:50 UTC

This archive was generated by hypermail 2.3.1 : Monday, 29 September 2014 09:39:13 UTC