ⓘ iframe – nested browsing context (inline frame) # T
The
iframe
element
introduces a new nested browsing context.
Permitted attributes #
- ⓘ
global attributes
- Any attributes permitted globally.
- ⓘ
src =
non-empty URL potentially surrounded by spaces
#
- The address of a document for the nested browsing context to contain.
- ⓘ
srcdoc = string
#
- The content of a document for the nested browsing context to contain.
- ⓘ
name =
browsing-context name
#
- A valid browsing context
name.
Any
string,
with the following restrictions:
- must
not start with a
"
_
"
character
- must
be at least one character long
- ⓘ
width =
non-negative integer
#
- The width of the
iframe,
in CSS pixels.
- ⓘ
height =
non-negative integer
#
- The height of the
iframe,
in CSS pixels.
- ⓘ
sandbox =
sandbox “allow” keywords list
NEW
#
- Instructs the UA to “sandbox” the
iframe
by disallowing/disabling various features, and then
(optionally) re-allowing/re-enabling particular features.
- The presence of this attribute—even if no value is given
(that is, the attribute is specified using
empty attribute syntax)
or even if the value consists only of
space characters—instructs the UA to
enforce all the following default sandbox restrictions:
- plugins
are disallowed/disabled within the
iframe
- forms
are disallowed/disabled within the
iframe
- scripts
are disallowed/disabled within the
iframe
- links to other
browsing contexts
are disallowed/disabled within the
iframe
- same-origin treatment
of the content hosted by the
iframe
and the content which hosts the
iframe
is disallowed/disabled; the
iframe
is instead treated as being from a
unique origin
- If any
sandbox “allow” keywords
are given, they instruct the UA to override particular
default sandbox restrictions by re-allowing/re-enabling
certain features, as follows:
allow-forms
: re-enables forms
allow-scripts
: re-enables scripts
allow-top-navigation
: re-enables links
within the content of the
iframe
to navigate to its
top-level browsing context
allow-same-origin
: re-enables
same-origin treatment of the content hosted by the
iframe
and the content which hosts the
iframe
(instead of forcing the
iframe
into a unique origin)
- ⓘ
seamless =
d:string "seamless"
or d:string ""
NEW
#
- Instructs the UA that the
iframe
element’s
browsing context
is to be rendered
in a manner that makes it appear to be part of the
containing document (seamlessly included in the parent
document).
- aria =
#
- (detailed attribute description to come)
- region =
#
- (detailed attribute description to come)
Additional constraints and admonitions #
-
The interactive element “iframe” must not
appear as a descendant of the “a” element.
-
The interactive element “iframe” must not
appear as a descendant of the “button” element.
-
The “longdesc” attribute on the “iframe” element is obsolete.
Use a regular “a” element to link to the description.
-
The “align” attribute on the “iframe” element is obsolete.
Use CSS instead. http://wiki.whatwg.org/wiki/Presentational_elements_and_attributes
-
The “allowtransparency” attribute on the “iframe” element is obsolete.
Use CSS instead. http://wiki.whatwg.org/wiki/Presentational_elements_and_attributes
-
The “frameborder” attribute on the “iframe” element is obsolete.
Use CSS instead. http://wiki.whatwg.org/wiki/Presentational_elements_and_attributes
-
The “marginheight” attribute on the “iframe” element is obsolete.
Use CSS instead. http://wiki.whatwg.org/wiki/Presentational_elements_and_attributes
-
The “marginwidth” attribute on the “iframe” element is obsolete.
Use CSS instead. http://wiki.whatwg.org/wiki/Presentational_elements_and_attributes
-
The “scrolling” attribute on the “iframe” element is obsolete.
Use CSS instead. http://wiki.whatwg.org/wiki/Presentational_elements_and_attributes
Permitted parent elements #
any element that can contain
phrasing elements
Typical default display properties #