It is quite easy to send messages between the parent and the iframe. For a new iframeĬonst iframe = document.createElement("iframe") Ĭonst iframe = document.querySelector('.my-iframe') Or if you can add the listeners to your iframe programmatically. You can listen to them with the onload and onerror attribute, respectively: The error event: This is triggered when loading fails.In other words, all static assets have been downloaded, and all the elements in the DOM tree have fired their load event The load event: This is triggered when the iframe is fully loaded.When you are initiating the iframe, two of these event handlers come in handy to improve the experience, like displaying a spinner or a specific message to assist the user: Iframe events and communication Loading and errorsīecause an iframe is a document, you can use most global event handlers. To remove it, you can use the style attribute to set the border CSS property to none: Note that, by default, the iframe element has a border around it. You may find more than the ones listed above, but keep in mind that they are not supported in HTML5 anymore: align, frameborder, longdesc, marginheight, marginwidth and scrolling. To this day, there are eight attributes we can use to customize the behavior or styling of an iframe. By using communication events between the iframe and the parent (more on how to do so later in this article), I managed to design a powerful editor in a snap. But the thing with these editors is that you have to find a way to keep the focus and the selection when the user is clicking on all the buttons across the interface.īecause an iframe offers an isolated environment, this means that the focus or the selection is never lost when you are clicking outside of it. The other situation when iframes saved my life was when I had to build a WYSIWYG editor for a customer. It's supposed to be rendered in black on a white background."> The content you see here will never be affected by the CSS of its parent container. On a particular page, I needed to list them to let the user preview and choose one.īut to prevent the CSS of the current website from affecting the style of these templates, I figured out that using an iframe with the srcdoc attribute was the cleanest solution. In an application, a user could create emails and save them as templates.
To illustrate how this isolation from the JavaScript and CSS is handy, let’s take a look at these two situations. The iframe can still behave in annoying or malicious ways - triggering a popup or autoplaying videos, for instance. Nevertheless, as you will see in this guide, the separation is not so perfect. That is one of the valid purposes to use an iframe: to provide a measure of separation between your application and the iframe content. Thus, it will be isolated from the JavaScript and CSS of the parent. What you must keep in mind when thinking about iframes is that they let you embed an independent HTML document with its own browsing context. Here is another example in which we display a button to tweet your webpage on Twitter: You may have crossed paths with it when you had to include a third-party widget (like the famous Facebook like button), a YouTube video, or an advertising section on your website.įor instance, the code below will display a 500px square with the Google homepage within: What is an iframe, and when do you use it?ĭevelopers mainly use the iframe tag to embed an HTML document within another. Finally, we’ll talk about how you can secure your iframes to avoid potential vulnerabilities.
We’ll go through most of the features the iframe element provides and talk about how you use them, as well as how iframes can be useful for overcoming some tricky situations.
To help you form your own opinion and sharpen your developer skills, we will cover all the essentials you should know about this controversial tag. Besides, it’s not that hard to secure them, so you won’t have to worry about your user’s machine becoming compromised. I believe that their bad reputation should not prevent you from relying on them they have many legitimate uses cases. Even though all modern browsers support them, many developers write endless articles advising against using them. The iframe element (short for inline frame) is probably among the oldest HTML tags and was introduced in 1997 with HTML 4.01 by Microsoft Internet Explorer.