HTML Iframes Interview
Security-focused interview Q&A on iframes, embedding, sandboxing, and cross-origin behavior.
1What is an iframe?easy
Answer: An inline frame that embeds another HTML page within the current page.
2Common iframe attributes?easy
Answer:
src, title, width, height, loading, sandbox, allow.3Why is
title important for iframe?mediumAnswer: It improves accessibility by describing embedded content for assistive technologies.
4What does iframe sandbox do?medium
Answer: Restricts capabilities of embedded content unless explicitly allowed.
5Can parent page freely access iframe DOM always?medium
Answer: No, same-origin policy restricts cross-origin DOM access.
6How to communicate across origins safely?medium
Answer: Use
window.postMessage with strict origin checks.7How to improve iframe loading performance?easy
Answer: Use
loading="lazy" and avoid unnecessary embeds.8What are risks of third-party iframes?medium
Answer: Security, privacy tracking, performance overhead, and content control issues.
9Iframe vs embed/object for modern web?medium
Answer: iframe is preferred for embedding full external documents/apps.
10Interview best-practice summary?medium
Answer: Use iframe only when needed; include title, sandbox, and origin-safe messaging.