View Full Version : Why don't websites allow iframe embedding?

09-01-2012, 12:07 PM

I've recently done some work where I needed to use Iframes, and that's when I learned that some big websites don't allow you to embed them in an iframe. For example Google and Facebook (and many others)...

But I haven't found the information on why that is so. I very much doubt that Google or Facebook mind waisting resources that way or something, it doesn't make sense. So I thought maybe it's a branding thing, because they don't want their logo appearing inside some other stupid website.... But then, how come Microsoft Bing allows it?

Just as an addition to this post, I'd like to add that as weird as it seems (to me at least), the downloadable phpMyAdmin also doesn't allow it. It seems pointless to disallow it on a product that is free to download and to use for whatever, and that is also open-source, so removing that restriction isn't really a problem.

09-01-2012, 08:36 PM
I think you are totally confused. Facebook - is a social networking site. Why should they allow you iframe on it? They don't allow you to post in HTML either. For the Facebook pages, they even have FBML a markup language. So they have their reason not to allow certain HTML, including iframes.

Google is a search engine, unless you are refering to some other service from them. Google the SE can't allow or stop you from using iframes on your sites. It is totally up to you and they have no control over the sites they index. However, they do not index the content inside the iframes on pages they index - which is what they should be. Iframes are third party content and need not be considered to be part of the page they appear.

Not sure if Bing the search engine index contents of iframe along with the proper HTML content of the site.

Basically, iframes have a purpose and they should be used only in situations that demand it. You can't compare FB and Google and they both servve different purpose and obviously they know what kind of content is right is what context. If you have a web page, obviously you need not use an iframe to add content to it.

09-02-2012, 04:08 PM
alemcherry, I think you are totally confused. The OP was asking why some websites prevent you from embedding their site into an iframe e.g. <iframe src="http://google.com"></iframe>

It is a preference of the site. They normally rather not associate your site with theirs. If you are trying to embed search results into your site then there are ways to do that or if you are trying to get facebook information then there are ways to do that. As for why phpmyadmin allows, they don't really care how you use it as they know it is a tool that only you would be using for your site.

Which leads me to my next point, why did you need the iframes in the first place? There is usually a better alternative.

09-02-2012, 06:03 PM
Indeed alemcherry did understand it wrong.

As for your question about why I need iframes, the reason is that I'm actually developing an application in which my users will, among other things, be able to load another website in an iframe. Reasons of which are irrelevant right now because the scope of my application is too big to explain in detail. But in general, embedding search results or integrating Facebook isn't solving my iframe problem.

I understand that my users won't be able to load Facebook, Google and some other sites and that's okay. But this realization just tickled my curiosity as to why that was. It's weird for me to think that Google is afraid of their brand being compromised by this, since they're so well known... and even more so because Bing allows it. Them two are the greatest sources of my confusion about this and they are the reason I'm so doubtful about it just being a brand thing (or as you put it, associating their site with others).

As for why phpmyadmin allows, they don't really care
I just have to correct you on this one, phpMyAdmin doesn't allow it, that's what's weird about it. It's free and open-source (and this limitation is easy to remove), yet they don't wish to have it loaded in an iframe...

09-03-2012, 08:10 AM
Let's say you make a website smoogle.com, and you embed google.com in an iframe, but along the top you've got a few links to your own crap that makes you money. And by embedding google.com, you make your site 10,000% more useful than it would be without having google embedded. You are now profiting from google without any of the overhead of developing/operating google. Not cool, not kosher, not something google allows you to do.

It's kind of like buying a bunch of cans of coke, slapping your own label over top of it, and selling it as your own product for a little more than you paid. You are representing yourself as the product, when in fact it's Coke.

Bing's probably more desperate for anyone to use their product, so they're willing to let people iframe them in. Or, it hasn't occurred to them that people might even do such a thing. :p

09-04-2012, 10:51 PM
Bing's probably more desperate for anyone to use their product, so they're willing to let people iframe them in. Or, it hasn't occurred to them that people might even do such a thing. :p

That made me LOL...

But yeah, you're dead on. It's to keep people from doing these stupid kind of "black hat" things with their websites. It's not simply about maintaining brand integrity, but also to keep people from exploint the public's trust in these pages for malicious purposes. I've heard of ways where it may be possible to capture login information using iframes (I don't know if they're legit or not-- I'm not a hacker and I've never really had the interest to look into it too much) so there could be other security concerns there as well.