Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

iframe without an src attribute

Tags:

I would like to create an <iframe> on the page, but then add the src later. If I make an iframe without an src attribute, then it loads the current page in some browsers. What is the correct value to set for the src so that it just loads a blank iframe?

The answers I've seen are:

  • about:blank
  • javascript:false
  • javascript:void(0)
  • javascript:"";
  • url to a blank page

Is there a clear winner? If not, what are the tradeoffs?

I'd like to not have mixed content warnings for HTTPS urls, nor any back-button, history, or reload weirdness in all browsers from IE6 onward.

like image 511
Paul Tarjan Avatar asked Nov 26 '10 10:11

Paul Tarjan

People also ask

Does iframe have to have src?

The HTML <iframe> tag denotes an inline frame within the HTML document. The primary usage of the inline frame is to embed another document within the current HTML document. In order to embed the intended document within the <iframe>, the address of the target document should be specified as src attribute value.

Why iframe is not recommended?

If you create an iframe, your site becomes vulnerable to cross-site attacks. You may get a submittable malicious web form, phishing your users' personal data. A malicious user can run a plug-in. A malicious user can change the source site URL.

What is the src attribute in iframe?

The HTML <iframe> src attribute is used to specify the URL of the document that are embedded to the <iframe> element. Attribute Values: It contains single value URL which specifies the URL of the document that is embedded to the iframe.

Does anyone use iframes anymore?

You see code iframes commonly used on websites that need to include external content like a Google map or a video from YouTube. Both of those popular websites use iframes in their embed code.

2 Answers

Not sure if all browsers support "about:blank", so I'd just go with your own blank page then.

Another idea: Why not add the whole iframe using javascript instead of just the src?

like image 161
Mario Avatar answered Sep 27 '22 15:09

Mario

Standard approach when creating an "empty" iframe (as an iframe shim, for example), is to set the src as javascript:false;. This is the method used by most of the JavaScript libraries that create iframe shims for you (e.g. YUI's Overlay).

like image 39
nefarioustim Avatar answered Sep 27 '22 17:09

nefarioustim
Sign in to Comment

Related questions

Conflict between jQuery Validate and Masked Input
mysql field name from variable
Remote console.log() on iOS devices
What happens when we say "listen to a port"?
Wrap text in a table reportlab?
Force Eclipse to automatically import a class with multiple options
Do minor currency units have a ISO standard?
How to use git am to apply patches from email messages?
CMake: reuse object files built for a lib into another lib target
Emacs Org-Mode: Turn off line numbers
How To Set DateTime.Kind for all DateTime Properties on an Object using Reflection
Why is an assembly .exe file?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!