I used to display web pages in iframes. But when I tried to display my stackoverflow user info in an iframe, it went wrong. The content is not getting displayed. What may be the possible reason (or reasons) for this behavior? How can I display my page in an iframe? Is it possible to display it in iframe with pure html or is there any need for javaScript or AJAX or something like that? If this is not possible, is there any workaround for this?
Here is a Live Demo.
A possible reason for this could be same as that of Google. As some sites do not allow their sites to be iframed.
To quote from #Daan:
Google uses an X-FRAME-OPTIONS HTTP header to disallow putting their pages in iframes: https://developer.mozilla.org/en/The_X-FRAME-OPTIONS_response_header
Could be a case with SO too.
Related
I want to use Google docs in my django site by embedding it with iframe tag
Or the link provided by Google for embedding.
Is there any security threat by using this method of embedding.
It really depends what are you putting in IFRAME or if someone is putting your site in their IFRAME. if the foreign site is a "normal" site - no worries, but if you allow to anyone to put your site in IFRAME you can become part of unwanted site.
I personally use IFRAMEs only from my own other sites, where it can't be done differently or from extremely trusted sites (like Youtube). Also I prevent everyone to put my site in IFRAME.
There are tons of posts around, so I would recommend to take a look at the Google.
I think the question is pretty simple: what reasons could an iframe have for not loading its content?
This came up because I have an iframe in my site's "thank you" page to track conversions. For some reason, when using dev tools in Chrome I can't find any content inside the body or head tags inside the iframe.
But if I click on the iframe's URL, the conversion is correctly activated and I see the message "Conversion logged: true".
Could there be something in my own site preventing the iframe from loading? How can I assure that the iframe will load correctly? Could using an img pixel instead solve this problem?
Because your iframe is coming from a different domain, it is possible the domain you are attempting to serve the iframe from has a security policy which prevents you from embedding it in your page.
There are two potential technologies related to this.
X-FRAME-OPTIONS HTTP header: page owners can specify that their content should not show in an iframe or only show in an iframe on the same origin (domain).
Content Security Policy (CSP): has "frame-src" (non-standard implementation in Firefox) and "frame-options" (standardized) directives. It allows setting policies for iframes similar to X-FRAME-OPTIONS.
In essence, if you're serving content from a third-party site you don't control, it's possible they may have an HTTP header or security policies in place that would prevent the iframe content from showing in your page.
More Resources:
CSP support (caniuse.com)
Other possibilities (which I think are unlikely since it worked when you loaded the page directly):
Ad-blocking browser extensions
"Do Not Track" policy
Browser extensions that block tracking tools
Tracking elements are often blocked by browser add-ons like Adblock Plus and NoScript.
For being more specific in your case, we need an example page that is demonstrating the problem.
I've a site using http and I need to put an https iframe link in it. The iframe is working fine in all browsers except in Internet Explorer. I know it's related to domain security, but need to solve it.
The error message shown in IE: "This content cannot be displayed in a frame."
How can I solve this issue?
I also tried to change the https link like: "//domain.com" and https://managewp.com/user-guide/faq/how-to-enable-iframe-in-internet-explorer-10 but both didn't work.
Please help me. Thanks in Advance.
This content cannot be displayed in a frame.
Is the message you get when you attempt to frame a page whose owner has asked for it not to be framed (using the X-Frame-Options header). This is not related to HTTP-vs-HTTPS, and it should fail on other newer browsers too.
i would like to embed the public view of my Google Scholar page into my personal webpage. I used the iframe tags, however the resulting box is just empty. What are the general rule where iframe tag applies?
Short answer: you cannot, because google refuses to allow other sites to embed its pages. Actually, if you are using a debugger, it should warn you that Google is using the same origin policy on its response:
Refused to display 'http://scholar.google.fr/...' in a frame because it set 'X-Frame-Options' to 'SAMEORIGIN'.
Want to know all about ? Follow the link below.
http://www.w3schools.com/tags/tag_iframe.asp
My opinion is to avoid iframes because of bookmarking and navigation.
Here are some alternatives
Alternatives to Iframe
http://icant.co.uk/articles/crossdomain-ajax-with-jquery/index.html
The way I solved this is by exporting all my publications from Google Scholar to a bib file then use bibbase.org to create a publications page using the generated bib file. You can embed the generated page into your website. Works fine and looks good.
As an example the following does not work
<iframe src="https://plus.google.com/110145602671775846965/about?hl=en" />
Even though I can visit the page directly. Is there any way of getting around this?
No, there is not. Like most Google applications, Google Plus uses the X-Frame-Options to block framing of pages on their site. This is a browser security mechanism; as such, there is no way to disable it.