global attributes |
In addition to the personal attributes of the <iframe> tag below, any of the common HTML attributes can also be coded.
|
width ,
height |
the width and height of the internal frame, respectively
The contents of the iframe as a whole are not resized based on these dimensions like an image would be, although the HTML tags in the referenced source document could resize portions of its contents.
|
name |
the name of the nested browsing context
|
sandbox |
a list of permissions for the HTML code in the document referenced by the src attribute, separated by spaces.
sandbox=""
- When the
sandbox attribute is coded without any permissions, the referenced source document is restricted from performing any of the restricted actions.
sandbox="allow-forms"
- If one of the values in the
sandbox attribute is "allow-forms" , then forms are allowed in the referenced source document.
sandbox="allow-scripts"
- If one of the values in the
sandbox attribute is "allow-scripts" , then scripts are allowed in the referenced source document. This should not be used in conjunction with allow-same-origin , since then the script could simply remove the sandbox attribute to bypass the restrictions.
sandbox="allow-same-origin"
- If one of the values in the
sandbox attribute is "allow-same-origin" , then . This should not be used in conjunction with allow-scripts , since then the script could simply remove the sandbox attribute to bypass the restrictions. When this value is omitted, the content from the referenced source document is forced into a "sandboxed origin browsing context" that prevents it from accessing HTML content or browser cookies from the original document's origin.
allow-same-origin can be used to allow the HTML code in the referenced document to:
- access the DOM (HTML elements, etc.) of the original document, while preventing it from running scripts
- post data back to its originating site, while preventing it from doing other things such as opening pop-up windows
sandbox="allow-top-navigation"
- If one of the values in the
sandbox attribute is "allow-top-navigation" , then target="_top" is allowed, which can be used in an HTML <a> tag to replace the current document.
|
seamless="seamless" |
The value "seamless" indicates that the content of the document referenced by the src attribute should appear as if the HTML code was included the document where the <iframe> tag is coded. This is essentially an HTML include statement, which eliminates the need for a separate <include> tag in HTML 5.
Omitting the seamless attribute indicates that the content of the internal frame is to be put into a nested browsing context separate from the original document.
|
src |
a URI reference that resolves to the URL of a document with the content to be displayed in the internal frame
If the srcdoc attribute is also specified, this attribute will be ignored by HTML 5 browsers; it will only be used by older browsers that do not support the srcdoc attribute.
Use percent escape codes as explained in the URL Encoding Tutorial for any special characters in the URI reference.
If the value of the src attribute is an HTTP URL, it may contain any of the following components:
- protocol scheme, typically
http: or else https:
- username, followed by an "@"
- host name or IP address
- port number, which defaults to 80 for the
http scheme and 443 for the https scheme
- absolute or relative path
- search query, indicated by "?"
If the protocol scheme, username, host name/IP address and port number are omitted the default is the current host - the same server as the base of the current document. If the path starts with a slash /... , it is an absolute path from the document root directory (AKA "web root") on the server. A relative path will be resolved relative to the base of the current document.
|
srcdoc |
The srcdoc attribute specifies the HTML code for the content to be displayed in the internal frame. Although the code can be a full HTML document starting with a DOCTYPE declaration, some tags that would normally be required in a standalone HTML document become optional, such as the <title> tag (and therefore the empty <head> tag, <html> tag and now parentless <body> tag). Therefore, the value of the srcdoc attribute can be minimized to something as simple as a single phrasing content element, such as a paragraph tag.
|