Iframe Tester

About this site

iframetester.com is the easiest way to test if a particular webpage can be embedded in an iframe. It is primarily a tool for developers to test their web page to ensure their application behaves as expected on a third-party site.

What is an iframe?

An iframe is an HTML element which can embed another webpage on a parent page. It is commonly used to display third-party content like videos, advertisements, and small web apps designed to be used on multiple websites. The URL to be embedded is supplied by the "src=" parameter on the iframe element. Besides the width/height of the iframe, a webpage embedding a url in an iframe has no control over the embedded site's content, it just supplies the URL to be embedded.

What determines if a webpage can be embedded in an iframe?

Not all web pages can be rendered in an iframe. This is determined by certain headers that are sent in a web request for a particular website. This header is called "X-Frame-Options" and the options are DENY, SAMEORIGIN ,and ALLOW-FROM=url. This allows a website owner to determine which websites (if any) can embed their content, and browsers abide by these headers. To learn more about this header, see this article.

How to iframe a webpage

    <!DOCTYPE html>
    <html>
        <head></head>
        <body>
            <iframe src="https://google.com" width="100%" height="400" />
        </body>
    </html>

How can I test if a webpage can be iframed?

Enter a url in the search bar above and press "Render Iframe". If you see the webpage load, the page is allowed to be iframed. If you see an error message like "refused to connect", that means that the webpage is not allowed to be iframed on this site. Open the developer console to see the specific error.

What differentiates an iframed webpage from a regular one?

Besides the "X-Frame-Options" header that determines if a webpage can be iframed, there are other things to consider. For privacy and security reasons, webpages embedded in an iframe might be restricted in their ability to set/read browser cookies. This is important to consider if your embedded web app uses cookies for user authentication.