[javascript] Why do people still use iframes?

source: http://stackoverflow.com/questions/3797179/why-do-people-still-use-iframes

question:

For me iframes are pure evil (well, maybe not so pure). They seems to make a lot of troubles. Yes, your whole site will load once and then you can just load a single pages. But people invented AJAX for this purpose.

One of the biggest issues I found with iframe was that I couldn't paste a link to one of the subpages, because the URL never changed (yes, I know there is a workaround for this). Second thing, web search engines may have problems to index that sites correctly.

Sometimes the accessibility of this sites are worse and some browser can even display them improperly.

There are better ways to design layout without (i)frames. Everyday I can see some one asking at SO questions, like "How to access iframe with jQuery?".

So what are benefits of iframes? What reason can it be to still use them? I just would like to know why :)

(since it is not a real question, it's a CW)

answer:

I can think of 2 reasons (at the moment) why people would still use iframes instead of AJAX:

1) Iframes implement the cross domain origin policy (images, scripts, and styles do not). This can be useful for pulling in sites / content from other domain names relatively safely. Basically, this allows the advantage of being able to visually show data from other domains without letting them stomp all over your page with unlimited access (like something like JSONP would be able to do).

2) You can send multiple types of resources from within an iframe, not just certain mime-types (you're relatively limited to application/javascript, application/x-javascript, text/css, text/xml, image/png, image/jpeg, image/gif with scripts, XHR, images, and sources). For instance, if I want to show you a PDF, I can open an iframe and let the Adobe Reader plugin show you that file. Additionally, in the same domain, if I want to pipeline a script, style, and image all together (inline on the page, image would have to be data URI), I can accomplish this with an iframe (and if it's in the same domain, port, and protocol I can access it with JavaScript as well).

Did you know that Gmail is a set of iframes? The visible part is just clever positioning. Additionally, many OAuth implementation (Twitter, Facebook, Google, Yahoo!) usually use iframes to associate a user on their domain with a successful authentication URL (for after the user logs in).