W3C home > Mailing lists > Public > whatwg@whatwg.org > August 2010

[whatwg] Iframe dimensions

From: Adam Barth <w3c@adambarth.com>
Date: Wed, 11 Aug 2010 10:03:28 -0700
Message-ID: <AANLkTim2Oa91v47WvqoZFENDXvNLMccgxG1qR2dsM+Oz@mail.gmail.com>
On Wed, Aug 11, 2010 at 8:05 AM, Markus Ernst <derernst at gmx.ch> wrote:
> Am 11.08.2010 00:24 schrieb Ian Hickson:
>> On Mon, 5 Jul 2010, Markus Ernst wrote:
>>> Example: http://test.rapid.ch/de/haendler-schweiz/iseki.html (This is
>>> under construction.) As a workaround to the height problem, I applied a
>>> script that adjusts the iframe height to the available height in the browser
>>> window. But of course the user experience would be more consistent if the
>>> page could behave like a single page, with only one scrollbar at the right
>>> of the browser window.
>>
>> If you control both pages and can't use seamless, you can use
>> postMessage() to negotiate a size. On the long term, I expect we'll make
>> seamless work with CORS somehow. I'm waiting until we properly understand
>> how CORS is used in the wild before adding it all over the place in HTML.
>
> A solution at authoring level for cases where the author controls both pages
> would be quite helpful. I think of a meta element in the embedded document
> that specifies one or more domains that are allowed to embed it seamlessly
> in an iframe, such as e.g.:
> <meta name="allow-seamless-embedding" name="domain.tld, otherdomain.tld">
>
> I think that this would be ok from a security POV, and much easier than
> using CORS.

That feels like re-inventing CORS.  Maybe we should make CORS easier
to use instead?

Adam
Received on Wednesday, 11 August 2010 10:03:28 UTC

This archive was generated by hypermail 2.3.1 : Monday, 13 April 2015 23:08:59 UTC