Iframes (Security)

All HTML topics
∙ Chapter 40

Iframes Security

Iframes embed another page inside your page. Real websites often block being embedded. Use security attributes like sandbox and good defaults like loading="lazy".

AttributeWhy
sandboxRestricts what the iframe can do (recommended for untrusted content)
loading="lazy"Loads iframe only when near the viewport
referrerpolicyControls referrer information sent
allowPermissions for camera, microphone, fullscreen, etc.
iframe-security.php
📝 Edit Code
👁 Live Preview
💡 sandbox without values is very strict. Add permissions only if needed.