2_from_object_to_iframe
dz / mdn / html / 1_multimedia_and_embedding / 2_from_object_to_iframeSummary
From object To iframe
Node Tree
- iframe
- plugin_technologies
- frames
Nodes
frames | |
content | Frames |
children | parts_of_website_individual_html (description), frameset |
parts_of_website_individual_html | |
content | Parts of website stored in individual HTML pages |
parents | frames |
frameset | |
content | frameset |
children | master_doc_frames_stored (description) |
parents | frames |
master_doc_frames_stored | |
content | Master document where frames are stored |
parents | frameset |
plugin_technologies | |
content | Plugin Technologies |
children | java_applets, tag_embed, tag_object, flash |
java_applets | |
content | Java Applets |
parents | plugin_technologies |
flash | |
content | flash |
parents | plugin_technologies |
tag_object | |
content | <object> |
children | tag_embed (less used than) |
parents | mdn/html/elements, plugin_technologies |
tag_embed | |
content | <embed> |
parents | tag_object, mdn/html/elements, plugin_technologies |
iframe | |
content | IFrame |
children | other_ways_to_embed_content, security, tag_iframe, embed_webpage_inside_another (description) |
embed_webpage_inside_another | |
content | Embed entire webpage inside another, as if it were <img> or such element |
parents | iframe |
tag_iframe | |
content | <canvas> |
children | sandbox, src, width_height, allow_fullscreen, border |
parents | iframe, mdn/html/elements |
other_ways_to_embed_content | |
content | Other ways of embedding content |
children | tag_canvas, tag_video |
parents | iframe |
tag_video | |
content | <video> |
parents | mdn/html/elements, other_ways_to_embed_content |
tag_canvas | |
content | <canvas> |
parents | mdn/html/elements, other_ways_to_embed_content |
border | |
content | border |
parents | tag_iframe |
allow_fullscreen | |
content | allow-fullscreen |
parents | tag_iframe |
src | |
content | src |
parents | tag_iframe |
width_height | |
content | Width/height |
parents | tag_iframe |
sandbox | |
content | sandbox |
children | use_sandbox |
parents | tag_iframe |
security | |
content | security |
children | only_embed_when_necessary, use_https, use_sandbox, CSP, click_jacking, common_target |
parents | iframe |
click_jacking | |
content | Click-jacking |
children | embed_invisible_iframe (description) |
parents | security |
common_target | |
content | Common target/attack vector |
parents | security |
embed_invisible_iframe | |
content | Embed invisible iframe and capture user interactions |
parents | click_jacking |
only_embed_when_necessary | |
content | Only embed when necessary |
parents | security |
use_https | |
content | Use HTTPS |
parents | security |
use_sandbox | |
content | Always use sandbox attribute |
children | never_add_allow_script_and_allow_same_origin |
parents | sandbox, security |
CSP | |
content | CSP |
children | set_of_http_headers, content_security_policy (acronym), x_frame_options |
parents | security |
content_security_policy | |
content | Content Security Policy |
parents | CSP |
set_of_http_headers | |
content | Set of HTTP headers, designed to improve security of HTMl document |
parents | CSP |
never_add_allow_script_and_allow_same_origin | |
content | Never allow both allow-script and allow-same-origin to sandbox attribute |
children | could_disable_sandboxing |
parents | use_sandbox |
could_disable_sandboxing | |
content | Embedded content could bypass the same-origin policy, and use JavaScript to disable sandboxing altogether |
parents | never_add_allow_script_and_allow_same_origin |
x_frame_options | |
content | x-frame-options header |
parents | CSP |