[whatwg] Iframe dimensions from Markus Ernst on 2010-08-11 (public-whatwg-archive@w3.org from August 2010)

From: Markus Ernst <derernst@gmx.ch>
Date: Wed, 11 Aug 2010 17:05:59 +0200
Message-ID: <4C62BC57.2090806@gmx.ch>

Am 11.08.2010 00:24 schrieb Ian Hickson:
> On Mon, 5 Jul 2010, Markus Ernst wrote:
[...]
>> Example: http://test.rapid.ch/de/haendler-schweiz/iseki.html (This is 
>> under construction.) As a workaround to the height problem, I applied a 
>> script that adjusts the iframe height to the available height in the 
>> browser window. But of course the user experience would be more 
>> consistent if the page could behave like a single page, with only one 
>> scrollbar at the right of the browser window.
> 
> If you control both pages and can't use seamless, you can use 
> postMessage() to negotiate a size. On the long term, I expect we'll make 
> seamless work with CORS somehow. I'm waiting until we properly understand 
> how CORS is used in the wild before adding it all over the place in HTML.

A solution at authoring level for cases where the author controls both 
pages would be quite helpful. I think of a meta element in the embedded 
document that specifies one or more domains that are allowed to embed it 
seamlessly in an iframe, such as e.g.:
<meta name="allow-seamless-embedding" name="domain.tld, otherdomain.tld">

I think that this would be ok from a security POV, and much easier than 
using CORS.

> On Tue, 6 Jul 2010, Markus Ernst wrote:
>> My problem is this sentence in the spec for seamless: "This will cause 
>> links to open in the parent browsing context."
>>
>> In an application like 
>> http://test.rapid.ch/de/haendler-schweiz/iseki.html, the external page 
>> should be able to re-call itself inside the iframe, for example if a 
>> sort link is clicked or a search form submitted.
> 
> On Tue, 6 Jul 2010, Ashley Sheridan wrote:
>> Could you explicitly call the _self target in links in the frame? I 
>> wasn't sure if the target attribute was going or not, but I'd expect 
>> target="_self" to override the default seamless action.
> 
> Good point. Fixed. You can now work around this by targetting the frame 
> explicitly using <base target=_self>. (Or by using target=foo if the 
> iframe has name=foo.)

Great!

Received on Wednesday, 11 August 2010 08:05:59 UTC