Our volunteers haven't translated this article into বাংলা (বাংলাদেশ) yet. Join us and help get the job done!
You can also read the article in English (US).

The HTML Inline Frame element (<iframe>) represents a nested browsing context, effectively embedding another HTML page into the current page. You can include any number of <iframe> elements within a document, each of which embeds another document inside <body> of a page.

Each embedded browsing context has its own session history and active document. The browsing context that contains the embedded content is called the parent browsing context. The topmost browsing context—the one without a parent—is usually the browser window, represented by the Window object.

Because each embedded browsing context created by <iframe> is itself a complete document environment, every use of <iframe> within a page can cause substantial increases in the amount of memory and other computing resources required by the document overall, so while theoretically you can use as many <iframe> as you like on a page, you should keep the potential for performance issues in mind.

Content categories Flow content, phrasing content, embedded content, interactive content, palpable content.
Permitted content Fallback content, i.e. content that is normally not rendered, but that browsers not supporting the <iframe> element will render.
Tag omission None, both the starting and ending tag are mandatory.
Permitted parents Any element that accepts embedded content.
Permitted ARIA roles application, document, img
DOM interface HTMLIFrameElement

Attributes

This element includes the global attributes.

allow
The allow attribute is used to specify a feature policy for the iframe.
allowfullscreen
This attribute can be set to true if the frame is allowed to be placed into full screen mode by calling its requestFullscreen() method.
This attribute is considered a legacy attribute and redefined as allow="fullscreen".
allowpaymentrequest
This attribute can be set to true if the contents of a cross-origin <iframe> should be allowed to invoke the Payment Request API.
This attribute is considered a legacy attribute and redefined as allow="payment".
height
Indicates the height of the frame in CSS pixels; prior to HTML 5, this value was specified in device pixels or as a percentage. Percentage values are no longer allowed.
importance
Indicates the relative importance of the resource. Priority hints are delegated using the values:

auto: Indicates no preference. The browser may use its own heuristics to decide the priority of the resource.

high: Indicates to the browser that the resource is of high priority.

low: Indicates to the browser that the resource is of low priority.

name
A name for the embedded browsing context (or frame). This can be used as the value of the target attribute of an <a>, <form> or <base> element, or the formtarget attribute of an <input> or <button> element. It can also be used as the value of the windowName parameter in the window.open() method.
referrerpolicy
A string indicating which referrer to use when fetching the resource:
  • no-referrer: The Referer header will not be sent.
  • no-referrer-when-downgrade: No Referer: header will be sent when navigating to an origin without TLS (HTTPS). This is a user agent’s default behavior, if no policy is otherwise specified.
  • origin: The referrer will be the origin of the page, that is roughly the scheme, the host, and the port.
  • origin-when-cross-origin: Navigations to other origins will be limited to the scheme, the host and the port, while navigations on the same origin will include the referrer's path.
  • unsafe-url: The referrer will include the origin and the path (but not the fragment, password, or username). This case is unsafe because it can leak origins and paths from TLS-protected resources to insecure origins.
sandbox
If specified as an empty string, this attribute enables extra restrictions on the content that can appear in the inline frame. The value of the attribute can either be an empty string (all the restrictions are applied), or a space-separated list of tokens that lift particular restrictions. Valid tokens are:
  • allow-forms: Allows the embedded browsing context to submit forms. If this keyword is not used, this operation is not allowed.
  • allow-modals: Allows the embedded browsing context to open modal windows.
  • allow-orientation-lock: Allows the embedded browsing context to disable the ability to lock the screen orientation.
  • allow-pointer-lock: Allows the embedded browsing context to use the Pointer Lock API.
  • allow-popups: Allows popups (like from window.open, target="_blank", showModalDialog). If this keyword is not used, that functionality will silently fail.
  • allow-popups-to-escape-sandbox: Allows a sandboxed document to open new windows without forcing the sandboxing flags upon them. This will allow, for example, a third-party advertisement to be safely sandboxed without forcing the same restrictions upon a landing page.
  • allow-presentation: Allows embedders to have control over whether an iframe can start a presentation session.
  • allow-same-origin: Allows the content to be treated as being from its normal origin. If this keyword is not used, the embedded content is treated as being from a unique origin.
  • allow-scripts: Allows the embedded browsing context to run scripts (but not create pop-up windows). If this keyword is not used, this operation is not allowed.
  • allow-storage-access-by-user-activation : Allows the embedded browsing context to request access to the embedding document's storage capabilities (e.g. cookies, Web Storage) via the Storage Access API.
  • allow-top-navigation: Allows the embedded browsing context to navigate (load) content to the top-level browsing context. If this keyword is not used, this operation is not allowed.
  • allow-top-navigation-by-user-activation: Allows the embedded browsing context to navigate (load) content to the top-level browsing context only when initiated by a user gesture. If this keyword is not used, this operation is not allowed.
Notes about sandboxing:
  • When the embedded document has the same origin as the main page, it is strongly discouraged to use both allow-scripts and allow-same-origin at the same time, as that allows the embedded document to programmatically remove the sandbox attribute. Although it is accepted, this case is no more secure than not using the sandbox attribute.
  • Sandboxing in general is only of minimal help if the attacker can arrange for the potentially hostile content to be displayed in the user's browser outside a sandboxed iframe. It is recommended that such content should be served from a separate dedicated domain, to limit the potential damage.
  • The sandbox attribute is not supported in Internet Explorer 9 and earlier versions.
src
The URL of the page to embed. Use "about:blank" to embed an empty page that conforms to the same-origin policy.
srcdoc
The content of the page that the embedded context is to contain. This attribute is expected to generally be used together with the sandbox attribute. If a browser supports the srcdoc attribute, it will override the content specified in the src attribute (if present). If a browser does not support the srcdoc attribute, it will show the file specified in the src attribute instead (if present). Note that if the content of the attribute contains a script tag then a closing script tag is required for the script to run, even if nothing else comes after the script.
width
Indicates the width of the frame. Beginning in HTML 5, this is specified in CSS pixels. Previously, it was specified in either device pixels or as a percentage. See Window.devicePixelRatio for an explanation of the difference between CSS pixels and device pixels.

Deprecated attributes

These attributes are deprecated and may no longer be supported by all browsers and user agents. You should not use them in new content, and should try to remove them from existing content.

align Deprecated since HTML4.01, Obsolete since HTML5
The alignment of this element with respect to the surrounding context.
frameborder Obsolete since HTML5
The value 1 (the default) tells the browser to draw a border between this frame and every other frame. The value 0 tells the browser not to draw a border between this frame and other frames. You should instead use the CSS property border and its longhand properties to create borders around <iframe>s.
longdesc Obsolete since HTML5
A URI of a long description of the frame. Due to widespread misuse, this is not helpful for non-visual browsers.
marginheight Obsolete since HTML5
The amount of space in pixels between the frame's content and its top and bottom margins.
marginwidth Obsolete since HTML5
The amount of space in pixels between the frame's content and its left and right margins.
scrolling Obsolete since HTML5
Enumerated attribute indicating when the browser should provide a scroll bar (or other scrolling device) for the frame:
  • auto: Only when needed.
  • yes: Always provide a scroll bar.
  • no: Never provide a scroll bar.

Non-standard attributes

mozbrowser
See bug 1318532 for exposing this to WebExtensions in Firefox.
Makes the <iframe> act like a top-level browser window. See Browser API for details.
Available only to WebExtensions.

Scripting

Inline frames, like <frame> elements, are included in the list of the window's frames in the window.frames pseudo-array.

From the DOM HTMLIFrameElement object which implements the <iframe> element, scripts can get access to the window object of the included HTML page via the contentWindow property. The contentDocument property refers to the document element inside the <iframe> (this is equivalent to contentWindow.document).

From the inside of a frame, a script can get a reference to the parent window using window.parent.

Scripts trying to access a frame's content are subject to the same-origin policy, and cannot access most of the properties in the other window object if it was loaded from a different domain. This also applies to a script inside a frame trying to access its parent window. Cross-domain communication can still be achieved using Window.postMessage().

Positioning and scaling

As a replaced element, the position and alignment of the embedded document within the <iframe> element's box, as well as the scaling of the embedded content, can be adjusted using the object-position and object-fit properties.

Examples

Here are a few examples demonstrating the use of the <iframe> element.

A simple <iframe>

This is a basic example of an <iframe> in action. After creating the frame, when the user clicks a button, its title is retrieved and displayed in an alert.

HTML

<iframe src="https://mdn-samples.mozilla.org/snippets/html/iframe-simple-contents.html" title="iframe example 1" width="400" height="300">
  <p>Your browser does not support iframes.</p>
</iframe>

Result

Open a link in an <iframe> in another tab

In this example, a Google map is displayed in a frame;

HTML

<base target="_blank">
<iframe id="Example2"
    title="Example2"
    width="400"
    height="300"
    frameborder="0"
    scrolling="no"
    marginheight="0"
    marginwidth="0"
    src="https://maps.google.com/maps?f=q&amp;source=s_q&amp;hl=es-419&amp;geocode=&amp;q=buenos+aires&amp;sll=37.0625,-95.677068&amp;sspn=38.638819,80.859375&amp;t=h&amp;ie=UTF8&amp;hq=&amp;hnear=Buenos+Aires,+Argentina&amp;z=11&amp;ll=-34.603723,-58.381593&amp;output=embed">
</iframe>

<br>
<small>
  <a href="https://maps.google.com/maps?f=q&amp;source=embed&amp;hl=es-419&amp;geocode=&amp;q=buenos+aires&amp;sll=37.0625,-95.677068&amp;sspn=38.638819,80.859375&amp;t=h&amp;ie=UTF8&amp;hq=&amp;hnear=Buenos+Aires,+Argentina&amp;z=11&amp;ll=-34.603723,-58.381593" style="color:#0000FF;text-align:left"> See bigger map </a>
</small>

Result

Accessibility concerns

People navigating with the aid of assistive technology such as a screen reader can use the value of a title attribute declared on an iframe to determine what embedded content it contains. The title's value should concisely describe the embedded content. 

<iframe title="The Wikipedia page for Avocados" src="https://en.wikipedia.org/wiki/Avocado"></iframe>

Without this description, they may have to navigate into the iframe and browse around to determine what the embedded content is. This context shifting can be a confusing and time-consuming process, especially for pages where multiple iframe embeds are present and/or if the embeds contain interactive content such as video or music.

Specifications

Specification Status Comment
Referrer Policy
The definition of 'referrerpolicy attribute' in that specification.
Candidate Recommendation Added the referrerpolicy attribute.
HTML Living Standard
The definition of '<iframe>' in that specification.
Living Standard  
HTML5
The definition of '<iframe>' in that specification.
Recommendation  
HTML 4.01 Specification
The definition of '<iframe>' in that specification.
Recommendation  
Screen Orientation API Working Draft Adds allow-orientation-lock to the sandbox attribute.
Presentation API
The definition of 'allow-presentation' in that specification.
Candidate Recommendation Adds allow-presentation to the sandbox attribute

Browser compatibility

Update compatibility data on GitHub
DesktopMobile
ChromeEdgeFirefoxInternet ExplorerOperaSafariAndroid webviewChrome for AndroidEdge MobileFirefox for AndroidOpera for AndroidiOS SafariSamsung Internet
Basic supportChrome Full support 1Edge Full support YesFirefox Full support Yes
Notes
Full support Yes
Notes
Notes The resize CSS property doesn't have any effect on this element due to bug 680823.
IE Full support YesOpera Full support YesSafari Full support Yes
Notes
Full support Yes
Notes
Notes Safari has a bug that prevents iframes from loading if the iframe element was hidden when added to the page. iframeElement.src = iframeElement.src should cause it to load the iframe.
WebView Android Full support YesChrome Android Full support YesEdge Mobile Full support YesFirefox Android Full support Yes
Notes
Full support Yes
Notes
Notes The resize CSS property doesn't have any effect on this element due to bug 680823.
Opera Android Full support YesSafari iOS Full support Yes
Notes
Full support Yes
Notes
Notes Safari has a bug that prevents iframes from loading if the iframe element was hidden when added to the page. iframeElement.src = iframeElement.src should cause it to load the iframe.
Samsung Internet Android Full support Yes
align
Deprecated
Chrome Full support 1Edge Full support YesFirefox Full support YesIE Full support YesOpera Full support YesSafari Full support YesWebView Android Full support YesChrome Android Full support YesEdge Mobile Full support YesFirefox Android Full support YesOpera Android Full support YesSafari iOS Full support YesSamsung Internet Android Full support Yes
allow
Experimental
Chrome Full support 60Edge No support NoFirefox No support NoIE No support NoOpera Full support 47Safari Full support 11.1WebView Android Full support 60Chrome Android Full support 60Edge Mobile No support NoFirefox Android No support NoOpera Android Full support 47Safari iOS No support NoSamsung Internet Android No support No
allowfullscreenChrome Full support 27
Full support 27
Full support 17
Prefixed
Prefixed Requires the vendor prefix: webkit
Edge Full support YesFirefox Full support 18
Full support 18
Full support 9
Prefixed
Prefixed Requires the vendor prefix: moz
IE Full support 11
Prefixed
Full support 11
Prefixed
Prefixed Requires the vendor prefix: ms
Opera Full support YesSafari Full support 7
Full support 7
Full support Yes
Prefixed
Prefixed Requires the vendor prefix: webkit
WebView Android ? Chrome Android ? Edge Mobile Full support YesFirefox Android Full support 18
Full support 18
Full support 9
Prefixed
Prefixed Requires the vendor prefix: moz
Opera Android No support NoSafari iOS Full support 7
Full support 7
Full support Yes
Prefixed
Prefixed Requires the vendor prefix: webkit
Samsung Internet Android ?
allowpaymentrequest
Experimental
Chrome No support NoEdge No support NoFirefox No support NoIE No support NoOpera No support NoSafari No support NoWebView Android No support NoChrome Android No support NoEdge Mobile No support NoFirefox Android No support NoOpera Android No support NoSafari iOS No support NoSamsung Internet Android No support No
frameborder
Deprecated
Chrome Full support 1Edge Full support YesFirefox Full support YesIE Full support YesOpera Full support YesSafari Full support YesWebView Android Full support YesChrome Android Full support YesEdge Mobile Full support YesFirefox Android Full support YesOpera Android Full support YesSafari iOS Full support YesSamsung Internet Android Full support Yes
heightChrome Full support 1Edge Full support YesFirefox Full support YesIE Full support YesOpera Full support YesSafari Full support YesWebView Android Full support YesChrome Android Full support YesEdge Mobile Full support YesFirefox Android Full support YesOpera Android Full support YesSafari iOS Full support YesSamsung Internet Android Full support Yes
longdesc
Deprecated
Chrome Full support 1Edge Full support YesFirefox Full support YesIE Full support YesOpera Full support YesSafari Full support YesWebView Android Full support YesChrome Android Full support YesEdge Mobile Full support YesFirefox Android Full support YesOpera Android Full support YesSafari iOS Full support YesSamsung Internet Android Full support Yes
marginheight
Deprecated
Chrome Full support 1Edge Full support YesFirefox Full support YesIE Full support YesOpera Full support YesSafari Full support YesWebView Android Full support YesChrome Android Full support YesEdge Mobile Full support YesFirefox Android Full support YesOpera Android Full support YesSafari iOS Full support YesSamsung Internet Android Full support Yes
marginwidthChrome Full support 1Edge Full support YesFirefox Full support YesIE Full support YesOpera Full support YesSafari Full support YesWebView Android Full support YesChrome Android Full support YesEdge Mobile Full support YesFirefox Android Full support YesOpera Android Full support YesSafari iOS Full support YesSamsung Internet Android Full support Yes
nameChrome Full support 1Edge Full support YesFirefox Full support YesIE Full support YesOpera Full support YesSafari Full support YesWebView Android Full support YesChrome Android Full support YesEdge Mobile Full support YesFirefox Android Full support YesOpera Android Full support YesSafari iOS Full support YesSamsung Internet Android Full support Yes
referrerpolicyChrome Full support 51Edge No support NoFirefox Full support 50IE No support NoOpera Full support 38Safari Full support 11.1WebView Android Full support 51Chrome Android Full support 51Edge Mobile No support NoFirefox Android Full support 50Opera Android Full support 38Safari iOS No support NoSamsung Internet Android Full support 7.2
scrolling
Deprecated
Chrome Full support 1Edge Full support YesFirefox Full support YesIE Full support YesOpera Full support YesSafari Full support YesWebView Android Full support YesChrome Android Full support YesEdge Mobile Full support YesFirefox Android Full support YesOpera Android Full support YesSafari iOS Full support YesSamsung Internet Android Full support Yes
sandboxChrome Full support 4Edge Full support YesFirefox Full support 17IE Full support 10Opera Full support 15Safari Full support 5WebView Android Full support YesChrome Android Full support YesEdge Mobile Full support YesFirefox Android Full support 17Opera Android ? Safari iOS Full support 4.2Samsung Internet Android Full support Yes
sandbox: sandbox='allow-popups'Chrome Full support YesEdge Full support YesFirefox Full support 28IE ? Opera ? Safari ? WebView Android ? Chrome Android ? Edge Mobile No support NoFirefox Android Full support 27Opera Android ? Safari iOS ? Samsung Internet Android ?
sandbox: sandbox='allow-popups-to-escape-sandbox'Chrome Full support 46Edge No support NoFirefox Full support 49IE No support NoOpera Full support 32Safari ? WebView Android Full support 46Chrome Android Full support 46Edge Mobile No support NoFirefox Android Full support 49Opera Android Full support 32Safari iOS ? Samsung Internet Android Full support 5.0
sandbox: sandbox='allow-modals'Chrome ? Edge No support NoFirefox Full support 49IE No support NoOpera ? Safari ? WebView Android ? Chrome Android ? Edge Mobile No support NoFirefox Android Full support 49Opera Android ? Safari iOS ? Samsung Internet Android ?
sandbox: sandbox='allow-presentation'Chrome Full support 53Edge No support NoFirefox Full support 50IE No support NoOpera Full support 40Safari ? WebView Android No support NoChrome Android Full support 53Edge Mobile No support NoFirefox Android Full support 50Opera Android Full support 40Safari iOS ? Samsung Internet Android Full support 6.0
sandbox: sandbox='allow-top-navigation-by-user-activation'Chrome Full support 58Edge No support NoFirefox No support NoIE No support NoOpera Full support 45Safari ? WebView Android Full support 58Chrome Android Full support 58Edge Mobile No support NoFirefox Android No support NoOpera Android Full support 45Safari iOS ? Samsung Internet Android Full support 7.0
srcChrome Full support 1Edge Full support YesFirefox Full support YesIE Full support YesOpera Full support YesSafari Full support YesWebView Android Full support YesChrome Android Full support YesEdge Mobile Full support YesFirefox Android Full support YesOpera Android Full support YesSafari iOS Full support YesSamsung Internet Android Full support Yes
srcdocChrome Full support 20Edge No support NoFirefox Full support 25IE No support NoOpera Full support 15Safari Full support 6WebView Android ? Chrome Android ? Edge Mobile No support NoFirefox Android Full support 25Opera Android ? Safari iOS ? Samsung Internet Android ?
widthChrome Full support 1Edge Full support YesFirefox Full support YesIE Full support YesOpera Full support YesSafari Full support YesWebView Android Full support YesChrome Android Full support YesEdge Mobile Full support YesFirefox Android Full support YesOpera Android Full support YesSafari iOS Full support YesSamsung Internet Android Full support Yes
mozbrowser
Non-standard
Chrome No support NoEdge No support NoFirefox No support No
Notes
No support No
Notes
Notes See bug 1318532
Notes Available only to WebExtensions.
IE No support NoOpera No support NoSafari No support NoWebView Android No support NoChrome Android No support NoEdge Mobile No support NoFirefox Android No support No
Notes
No support No
Notes
Notes See bug 1318532
Notes Available only to WebExtensions.
Opera Android No support NoSafari iOS No support NoSamsung Internet Android No support No

Legend

Full support  
Full support
No support  
No support
Compatibility unknown  
Compatibility unknown
Experimental. Expect behavior to change in the future.
Experimental. Expect behavior to change in the future.
Non-standard. Expect poor cross-browser support.
Non-standard. Expect poor cross-browser support.
Deprecated. Not for use in new websites.
Deprecated. Not for use in new websites.
See implementation notes.
See implementation notes.
Requires a vendor prefix or different name for use.
Requires a vendor prefix or different name for use.