What is a Cross Domain Iframe?

A cross domain inline frame (iframe) is a type of web technology that can be used to embed a small portion of one website within a larger "parent" page hosted on a different domain. An iframe containing content from an external site, such as a social networking or video sharing service, can easily be placed on a webpage to add new features or boost interactivity. This practice is supported and encouraged by many of the most popular social networks and search engines which benefit from increased traffic and exposure by allowing smaller sites to access their services. Despite their popularity, iframes do suffer from limitations caused by security restrictions and incompatibility that can create problems for web developers.

An inline frame, often known as an iframe, is a feature of the HyperText Markup Language (HTML) that allows a small portion of one webpage to be displayed within another. The iframe and its parent webpage are independent of one another, meaning they are loaded separately by the browser and can be updated individually. The use of inline frames on the web has evolved since they were first introduced in the late 1990s; they were originally intended to be used with content hosted on the same server or domain, but are now commonly used to load external content from another website. This is known as a cross domain iframe.

The cross domain iframe has become a popular way for web developers to add multimedia, interactive content, or social networking features to their sites with minimal effort. In many cases, adding these elements is as simple as copying and pasting HTML code from an external website. Video sharing sites, social networking services, and search engines routinely offer this feature to encourage greater use of their products. A news website, for example, might use this approach to add a small social networking section that shows users which of their friends liked a particular article or story. A cross domain iframe might also be used to add widgets or other types of functionality to a site without extensive programming.

Technical limits, security restrictions, and incompatibility problems can limit the power of a cross domain iframe and cause headaches for developers. Iframe communication between different domains is blocked by web browsers for security reasons, thereby making it impossible for a parent page to access or alter content inside an externally hosted iframe without time-consuming workarounds. HTML 5, an ongoing effort to upgrade key portions of web technology, does include a provision for cross domain iframe communication, but this is only a practical solution if the vast majority of users visiting a site have a web browser that supports this part of the HTML 5 specification.