Iframe security questions

Forum Moderators: phranque

Message Too Old, No Replies

Iframe security questions

test1

9:45 pm on Oct 2, 2008 (gmt 0)

I have a website that allows others to create simple templated websites. Right now users are limited to the type of content they can add and I've had a lot of requests to allow iframes. Since this is a hosted solution, are there any security risks to allowing iframes? If so are there any ways to avoid those risks by locking them down more?

maximillianos

3:39 pm on Oct 3, 2008 (gmt 0)

Iframes can allow you to show content from another site (URL) embedded within your page. You won't see the source URL for that embedded content. So technically if you consider that a security risk, then iFrames could be a problem.

However iFrames in general are used quite often by many sites that run ad campaigns. Often advertisers will utilize iFrames to embed their ad code on a page, one benefit being it helps reduce any page load dependencies on the ad script since it is loading in its own frame. The webpage will load with or without it, and not have to wait on it.

Hope this helps.