Resumen
El elemento HTML inline frame (<iframe>) representa un contexto de navegación anidada, el cual permite incorporar otra página HTML en la página actual. Cada contexto de navegación tiene su propia historia, sesión y documento activo. El contexto de navegación que incluye el contenido implícito se llama contexto de navegación principal. El contexto de navegación de nivel superior (que no tiene padre) es típicamente la ventana del navegador.
Uso contexto
| contenido Permitido | Datos de caracter normal (referencias de texto y caracteres) |
| Omisión de Etiqueta | Ninguna, deben tener una etiqueta de inicio y una etiqueta final. |
| Elementos padres permitidos | Cualquier elemento que acepte contenido fraseo. |
| Normativa documento | HTML 5, section 4.8.2; HTML 4.01, section 16.5 |
Atributos
Al igual que todos los elementos HTML, este elemento admite los atributos globales.
-
alignin HTML 4.01, in HTML5 - La alineación de este elemento con respecto al contexto que lo rodea.
-
frameborderHTML 4 only - El valor 1 (por defecto) indica al navegador establecer una frontera entre este marco y todo otro marco. El valor 0 indica que el navegador no establece una frontera entre este marco y otros marcos.
-
height - Indica la altura del frame HTML5en píxeles CSS, o HTML 4.01 en píxeles o como un porcentaje.
-
longdescHTML 4 only - Una URI de una descripción larga del marco. Debido al mal uso generalizado, esto no es útil para navegadores no visuales.
-
marginheightHTML 4 only - The amount of space in pixels between the frame's content and its top and bottom margins.
-
marginwidthHTML 4 only - The amount of space in pixels between the frame's content and its left and right margins.
-
mozallowfullscreen -
In Gecko 9.0 or later, this attribute can be set to
trueif the frame is allowed to be placed into full screen mode by calling itselement.mozRequestFullScreen()method. If this isn't set, the element can't be placed into full screen mode. -
webkitallowfullscreen -
In Chrome 17 or later (and maybe earlier), this attribute can be set to
trueif the frame is allowed to be placed into full screen mode by calling itselement.webkitRequestFullScreen()method. If this isn't set, the element can't be placed into full screen mode. -
mozappOnly available on Firefox OS - For frames hosting an open web app, this specifies the URL of the app manifest. This ensures that the app is loaded with the right permissions. See Using the Browser API for details. Available in Gecko 13.0 and later.
-
mozbrowserOnly available on Firefox OS -
Indicates that the frame is to appear like a top-level browser window to the embedded content. This means that
window.top,window.parent,window.frameElement, etc. will not reflect the frame hierarchy. This allows for a web browser UI to be implemented entirely with web technology, given the right permissions. See Using the Browser API for details. Available in Gecko 13.0 and later. -
name -
A name for the embedded browsing context (or frame). This can be used as the value of the target attribute of an
<a>or<form>element, or the formtarget attribute of an<input>or<button>element. -
remoteOnly available on Firefox OS - Load the frame's page in a separate content process.
-
scrollingHTML 4 only -
Enumerated attribute indicating when the browser should provide a scroll bar (or other scrolling device) for the frame:
auto: Only when needed.yes: Always provide a scroll bar.no: Never provide a scoll bar.
-
sandboxHTML5 only -
If specified as an empty string, this attribute enables extra restrictions on the content that can appear in the inline frame. The value of the attribute can be a space-separated list of tokens that lift particular restrictions. Valid tokens are:
allow-same-origin: Allows the content to be treated as being from its normal origin. If this keyword is not used, the embedded content is treated as being from a unique origin.allow-top-navigation: Allows the embedded browsing context to navigate (load) content to the top-level browsing context. If this keyword is not used, this operation is not allowed.allow-forms: Allows the embedded browsing context to submit forms. If this keyword is not used, this operation is not allowed.allow-scripts: Allows the embedded browsing context to run scripts (but not create pop-up windows). If this keyword is not used, this operation is not allowed.
Note:
- When the embedded document has the same origin as the main page, it is strongly discouraged to use both
allow-scriptsandallow-same-originat the same time, as that allows the embedded document to programmatically remove thesandboxattribute. Although it is accepted, this case is no more secure than not using thesandboxattribute. - Sandboxing in general is only of minimal help if the attacker can arrange for the potentially hostile content to be displayed in the user's browser outside a sandboxed
iframe. It is recommended that such content should be served from a separate dedicated domain, to limit the potential damage.
-
seamlessHTML5 only -
This Boolean attribute indicates that the browser should render the inline frame in a way that makes it appear to be part of the containing document, for example by applying CSS styles that apply to the
<iframe>to the contained document before styles specified in that document, and by opening links in the contained documents in the parent browsing context (unless another setting prevents this). -
src - The URL of the page to embed.
-
srcdocHTML5 only - The content of the page that the embedded context is to contain.
-
width - Indicates the width of the frame HTML5 in CSS pixels, or HTML 4.01 in pixels or as a percentage.
DOM interface
Scripting
Inline frames, like <frame> elements, enter the window.frames pseudo-array.
From the DOM iframe element, scripts can get access to the window object of the included HTML page via the contentWindow property. The contentDocument property refers to the document element inside the iframe (this is equivalent to contentWindow.document), but is not supported by Internet Explorer versions before IE8.
From the inside of a frame, a script can get a reference to the parent window via window.parent.
Scripts trying to access a frame's content are subject to the same-origin policy, and cannot access most of the properties in the other window object if it was loaded from a different domain. This also applies to a script inside a frame trying to access its parent window. Cross-domain communication can still be achieved with window.postMessage.
Example
<script type="text/javascript"> var iframe = window.getElementsByTagName( "iframe" )[ 0 ]; alert( "Frame title: " + iframe.contentWindow.title ); </script> <iframe src="page.html" width="300" height="300"> <p>Your browser does not support iframes.</p> </iframe>
Notes
Starting in Gecko 6.0 (Firefox 6.0 / Thunderbird 6.0 / SeaMonkey 2.3), rendering of inline frames correctly respects the borders of their containing element when they're rounded using border-radius.
Browser compatibility
| Feature | Chrome | Firefox (Gecko) | Internet Explorer | Opera | Safari (WebKit) |
|---|---|---|---|---|---|
| Basic support | 1.0 | (Yes) | (Yes) | (Yes) | (Yes) |
sandbox |
4 | 17.0 (17.0) | ? | ? | ? |
seamless |
4 | Not supported | ? | ? | ? |
srcdoc |
4 | Not supported | ? | ? | ? |
allowfullscreen |
17 webkit | 9.0 (9.0) moz | Not supported | Not supported | Not supported |
| Feature | Android | Firefox Mobile (Gecko) | IE Phone | Opera Mobile | Safari Mobile |
|---|---|---|---|---|---|
| Basic support | (Yes) | (Yes) | (Yes) | (Yes) | (Yes) |
sandbox |
? | 17.0 (17.0) | ? | ? | ? |
seamless |
? | Not supported | ? | ? | ? |
srcdoc |
? | Not supported | ? | ? | ? |
allowfullscreen |
? | 9.0 (9.0)moz | Not supported | Not supported | Not supported |
| Elementos HTML |
|---|
| A B C D E F G H I J K L M N O P Q R S T U V W X Y Z |
| (Enlaces rápidos: Categoría HTML) |