[thelist] Bug or Feature?
Stephen Rider
evolt_org at striderweb.com
Wed Dec 1 10:07:12 CST 2004
I've encountered an interesting rendering difference between
Firefox/Safari and IE.
I'm using the *object* tag to embed one html document within another.
(A third-party company is providing us with functionality that we want
to appear directly within one of our pages).
The odd thing is, IE refuses to display an embedded HTML page if the
page is located at a different domain. so with www.abc.com/inside.htm
embedded within www.123.com/outside.htm, IE displays a blank box where
the embed should be. Firefox and Safari show the embedded page.
If both pages are on the same domain (www.abc.com/inside.htm embedded
in www.abc.com/outside.htm), all three browsers display the embedded
page.
So here's the question: is this a bug in IE or a security feature? I
can see how someone having the ability to... say, embed a totally
separate page in a 1px by 1px frame might be a security risk, in a
sense, but I can also imagine somebody deciding it should be
disallowed.
Either way, is there a way around it?
(or am I just rambling?)
More information about the thelist
mailing list