ptg16476052566 LESSON 20: Working with Frames and Linked Windows
everything you might expect from a web page. But I made the reasons very simple. For
example, here is the HTML for reason2.html:
<!doctype html>
<html>
<head>
<title>Reason 2</title>
</head>
<body>
<p>I knew you were coming, so I'm baking a cake</p>
</body>
</html>This page is really simple and seems like a lot of work to change the text of the iframe.
But with the new attribute srcdoc, you can place the HTML you want to display in the
frame right in the iframe tag. Instead of referencing an entire page, the browser will load
the HTML you specify. Here’s how to set reason 1 as the default source document:
<iframe name="reason" src="reason1.html"
srcdoc="<p>My chair is trying to kill me</p>"
style="width: 450px; height: 105px"></iframe>You don’t need a complete HTML document inside the srcdoc
attribute. If the browser doesn’t support the srcdoc attribute,
however, it will show the HTML in the src attribute instead. So,
don’t leave that out. As of this writing, only Internet Explorer,
Edge, and Opera Mini don’t support the srcdoc attribute.NOTEHTML5 also adds a security feature to iframes: the sandbox attribute. If you include this
on your iframes, it will load them with extra restrictions. You can load your frames with
all the restrictions by just in cluding the attribute on your iframe tag like this:
<iframe src="frame.html" sandbox></iframe>
This will add the following security features to your framed content:
n The content will be treated as if it’s coming from a foreign domain, even if it’s not.
n Forms cannot be submitted from within the iframe.
n Scripts cannot be executed in the iframe.
n APIs are disabled.
n Links cannot target other browser contexts.
n Content cannot use embedded content, such as through the <object> or <embed>
tags.