What are iFrames?

Also known as simply “frames,” these HTML tag devices allow 2 or more websites to be displayed simultaneously on the same page. Facebook now allows companies to create customized tabs for its fan pages using iFrames, a process which developers find much easier than using the previous “FBML,” or Facebook markup language.

IT is an HTML document embedded inside another HTML document on a website. The IFrame HTML element is often used to insert content from another source, such as an advertisement, into a Web page. Although they behave like an inline image, it can be configured with its own scrollbar independent of the surrounding page’s scrollbar.

A Web designer can change an IFrame’s content without requiring the user to reload the surrounding page. This capacity is enabled through JavaScript or the target attribute of an HTML anchor. Web designers use them to embed interactive applications in Web pages, including those that employ Ajax (Asynchronous JavaScript and XML), like Google Maps or e-commerce applications.


Iframes are used for several different purposes, such as online advertising and multimedia. Many ad

platforms use them to display ads on web pages since they provide more flexibility than an inline script.


Since iframes may contain an entire webpage, advertisers can include extra tracking code within them that helps ensure accurate reporting for both the advertiser and publisher.

Iframes are also used for displaying different types of media within a webpage.

For example, YouTube videos and Google Maps windows are often embedded in webpages using iframes.

Many web applications use them since they can display dynamic content without reloading the webpage.

In 2008, hackers seeded Internet search results with malicious IFrame code, leading to IFrame overlay attacks on many prominent websites, including those for USA Today and ABC News. The attackers inserted the code into the saved search results of legitimate websites. When a visitor clicked on a link from the compromised search tool, he would be redirected to a malicious website by the IFrame code. The unsuspecting user’s computer would then be vulnerable to the automatic download of malware.


« Back to Glossary Index