<fencedframe>: The Fenced Frame element
4 months ago
- #HTML
- #Privacy
- #Web Development
- The <fencedframe> HTML element is a nested browsing context similar to <iframe> but with enhanced privacy features.
- Communication between <fencedframe> content and its embedding site is restricted to protect user privacy.
- <fencedframe> can access cross-site data only under controlled circumstances and cannot be manipulated via regular scripting.
- Embedding content in <fencedframe> requires specific APIs, and it cannot access the embedding context's DOM, nor vice versa.
- Attributes include 'allow' for permissions policy, 'height', and 'width', with defaults of 150 and 300 CSS pixels respectively.
- Permissions policies in <fencedframe> are limited to specific privacy-preserving features like Protected Audience API and Shared Storage API.
- Focusing across <fencedframe> boundaries is restricted to user-initiated actions to prevent fingerprinting risks.
- Positioning and scaling of <fencedframe> content can be adjusted, but the embedded document's reported dimensions remain unchanged.
- Accessibility is improved with the 'title' attribute, aiding users of assistive technologies in understanding embedded content.
- Examples demonstrate using <fencedframe> with APIs like Protected Audience to display content securely.
- Technical summary outlines content categories, permitted content, tag omission, parents, ARIA roles, and DOM interface.
- Browser compatibility should be checked before use, as <fencedframe> is an experimental technology not widely supported.