2_from_object_to_iframe
dz / mdn / html / 1_multimedia_and_embedding / 2_from_object_to_iframeSummary
From object To iframe
Node Tree
- iframe
- plugin_technologies
- frames
Nodes
| frames | |
| content | Frames |
| children | parts_of_website_individual_html (description), frameset |
| parts_of_website_individual_html | |
| content | Parts of website stored in individual HTML pages |
| parents | frames |
| frameset | |
| content | frameset |
| children | master_doc_frames_stored (description) |
| parents | frames |
| master_doc_frames_stored | |
| content | Master document where frames are stored |
| parents | frameset |
| plugin_technologies | |
| content | Plugin Technologies |
| children | java_applets, tag_embed, tag_object, flash |
| java_applets | |
| content | Java Applets |
| parents | plugin_technologies |
| flash | |
| content | flash |
| parents | plugin_technologies |
| tag_object | |
| content | <object> |
| children | tag_embed (less used than) |
| parents | mdn/html/elements, plugin_technologies |
| tag_embed | |
| content | <embed> |
| parents | tag_object, mdn/html/elements, plugin_technologies |
| iframe | |
| content | IFrame |
| children | other_ways_to_embed_content, security, tag_iframe, embed_webpage_inside_another (description) |
| embed_webpage_inside_another | |
| content | Embed entire webpage inside another, as if it were <img> or such element |
| parents | iframe |
| tag_iframe | |
| content | <canvas> |
| children | sandbox, src, width_height, allow_fullscreen, border |
| parents | iframe, mdn/html/elements |
| other_ways_to_embed_content | |
| content | Other ways of embedding content |
| children | tag_canvas, tag_video |
| parents | iframe |
| tag_video | |
| content | <video> |
| parents | mdn/html/elements, other_ways_to_embed_content |
| tag_canvas | |
| content | <canvas> |
| parents | mdn/html/elements, other_ways_to_embed_content |
| border | |
| content | border |
| parents | tag_iframe |
| allow_fullscreen | |
| content | allow-fullscreen |
| parents | tag_iframe |
| src | |
| content | src |
| parents | tag_iframe |
| width_height | |
| content | Width/height |
| parents | tag_iframe |
| sandbox | |
| content | sandbox |
| children | use_sandbox |
| parents | tag_iframe |
| security | |
| content | security |
| children | only_embed_when_necessary, use_https, use_sandbox, CSP, click_jacking, common_target |
| parents | iframe |
| click_jacking | |
| content | Click-jacking |
| children | embed_invisible_iframe (description) |
| parents | security |
| common_target | |
| content | Common target/attack vector |
| parents | security |
| embed_invisible_iframe | |
| content | Embed invisible iframe and capture user interactions |
| parents | click_jacking |
| only_embed_when_necessary | |
| content | Only embed when necessary |
| parents | security |
| use_https | |
| content | Use HTTPS |
| parents | security |
| use_sandbox | |
| content | Always use sandbox attribute |
| children | never_add_allow_script_and_allow_same_origin |
| parents | sandbox, security |
| CSP | |
| content | CSP |
| children | set_of_http_headers, content_security_policy (acronym), x_frame_options |
| parents | security |
| content_security_policy | |
| content | Content Security Policy |
| parents | CSP |
| set_of_http_headers | |
| content | Set of HTTP headers, designed to improve security of HTMl document |
| parents | CSP |
| never_add_allow_script_and_allow_same_origin | |
| content | Never allow both allow-script and allow-same-origin to sandbox attribute |
| children | could_disable_sandboxing |
| parents | use_sandbox |
| could_disable_sandboxing | |
| content | Embedded content could bypass the same-origin policy, and use JavaScript to disable sandboxing altogether |
| parents | never_add_allow_script_and_allow_same_origin |
| x_frame_options | |
| content | x-frame-options header |
| parents | CSP |