Updated Aug. 28, 2024. Take back your privacy Firefox is rolling out Total Cookie Protection by default to more Firefox users worldwide, making Firefox the
Sure, but the separate window can be on a different domain. Now you have a way to share cookies across multiple websites on different domains if all of them include an iframe to this external domain. And you can use in-browser messages (see window.postMessage()) to communicate between iframes and main window.
I haven’t worked with HTML since 1999; I hate that I’m just now finding out that iframes are somehow still a thing in the modern world. What the actual fuck. Why? Don’t we have some fancy HTML5 or Ajax or something that can replace them?
Yeah i don’t know why, probably exactly because is such a neglected feature that it offers workarounds for some limitations, like in the case of cookie-related patterns.
HTML5 can store HTML files inside of HTML files, allowing you to do what an iframe does but with a static (or updated when the page refreshes or whatever) html page
AJAX also has something that can replace iframes
But iframes continue to exist likely for legacy and how easy it is to get a basic page running using them for home projects
Does this stop me from adding to my website an iframe to facebook where facebook can keep its cookies for my user? That would be great but I doubt it.
IIRC an iframe contents is treated as a separate window, so cookies aren’t shared either
Sure, but the separate window can be on a different domain. Now you have a way to share cookies across multiple websites on different domains if all of them include an iframe to this external domain. And you can use in-browser messages (see window.postMessage()) to communicate between iframes and main window.
Indeed see sibling comment https://programming.dev/comment/11983146
https://developer.mozilla.org/en-US/docs/Web/API/Window/postMessage
That’s horrific WHY?
I haven’t worked with HTML since 1999; I hate that I’m just now finding out that iframes are somehow still a thing in the modern world. What the actual fuck. Why? Don’t we have some fancy HTML5 or Ajax or something that can replace them?
Yeah i don’t know why, probably exactly because is such a neglected feature that it offers workarounds for some limitations, like in the case of cookie-related patterns.
HTML5 can store HTML files inside of HTML files, allowing you to do what an iframe does but with a static (or updated when the page refreshes or whatever) html page
AJAX also has something that can replace iframes
But iframes continue to exist likely for legacy and how easy it is to get a basic page running using them for home projects