Menu
Possible Duplicate:
Are iframes considered 'bad practice'?
While working with web developers, I always hear from them that using iframes is something we must avoid as we can, and some say it's something bad, annoying and makes a lot of problems.
Also when i told my previous boss "not a developer" one day that i will use iframe, he looked at me as a bad developer :)
What i want to know, does iframes have a very bad history with web development?
Is it a disaster?
In some cases I see that it's a must to use iframes, is saying that means I am a bad developer?
Or all of that because of it's hard to deal with because of some security issues we must take care about while developing?
Please list your points if you hate it too or correct me if I am thinking the wrong way.
341
Iframes Bring Security Risks. If you create an iframe, your site becomes vulnerable to cross-site attacks. You may get a submittable malicious web form, phishing your users' personal data. A malicious user can run a plug-in.
IFrames are not obsolete, but the reasons for using them are rare. Using IFrames to serve your own content creates a "wall" around accessing the content in that area. For crawlers like Google, It's not immediately clear that cotent in an iframe will be ranked as highly as if the content were simply part of the page.
The iFrame contains a malicious form that can lead the user to submit sensitive information. This threat can be solved by using sandbox with removing allow-forms . The iFrame may unintentionally download malware to the user's computer.
Use the embed Tag as an Alternative to Iframe in HTML The embed tag is similar to the object tag, and it is used for the same purpose. We can embed various external resources in our web page using the embed tag. We can embed media like PDF, image, audio, video, and web pages.
Iframes can have similar issues as frames and inconsiderate use of XMLHttpRequest: They break the one-document-per-URL paradigm, which is essential for the proper functioning of the web (think bookmarks, deep-links, search engines, ...).
If you're creating a web application, use whatever technique you want to (including frames, flash, applets, $whatever). If you're creating an actual, informational web page, stick to frameless HTML, CSS and unobstrusive JavaScripts and keep in mind that the page should still be usable with scripting disabled.
194
As Nosredna said, it's probably because people confuse them with frames, and there are actually a lot of valid arguments against frames. Some of them aren't applicable to iframes, but then again some of them are.
The most striking such issue is probably that of deep linking: It's true that iframes suffer from this to a lesser extent than frames, but if you allow your users to navigate between different pages in the iframe, it will be a problem. There's also a couple of usability problems that you'll have to watch out for. The most common examble is that of double scrollbars, which I personally find incredibly annoying.
I tend to avoid iframes, mostly because I find it to be an unelegant solution. I've found that when I actually sit down and think about it, there's almost always a better solution. Despite that I also believe that there is a place for them. It's the goto of the web world: Just because it has a history of being misused, it has become consensus that it shouldn't ever be used. That really isn't the case here, but I do believe that you should think twice before using iframes.
37
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
