The IFrame component displays an iframe.
Src (https)The URL of the page to embed.
SandboxEnables an extra set of restrictions for the content (for example: allow-same-origin, allow-scripts...)
Allow fullscreenIndicates whether the frame is allowed to be placed into full screen mode.
Allow payment requestIndicates whether the Payment Request API may be invoked.
Allow transparencyIndicates whether the frame can be transparent.
Frame borderSpecifies whether or not to display a border around the iframe (0 or 1).
SrcdocSpecifies the HTML content of the page to show in the iframe.
Referrer policyA string indicating which referrer to use when fetching the resource:
- "no-referrer" meaning that the Referer: header will not be sent.
- "no-referrer-when-downgrade" meaning that no Referer: header will be sent when navigating to an origin without TLS (HTTPS). This is a user agent’s default behavior, if no policy is otherwise specified.
- "origin" meaning that the referrer will be the origin of the page, that is roughly the scheme, the host and the port.
- "origin-when-cross-origin" meaning that navigations to other origins will be limited to the scheme, the host and the port, while navigations on the same origin will include the referrer's path.
- "unsafe-url" meaning that the referrer will include the origin and the path (but not the fragment, password, or username). This case is unsafe because it can leak origins and paths from TLS-protected resources to insecure origins.