Andreas Jung wrote:
Iframes are still a valid choice in case asynchronous won't work e.g. when you need to load resources from servers != your origin server. Due the security model of asynchronous requests, a browser will only load stuff from the origin server. Iframes are a way to work around this limitation - ugly as you said, but sometimes a good workaround.

Not only ugly but also a very security threat. Been there, seen a lot
important sites fell on their noses when it comes to CSS* and friends.
Better find another solution in such cases and allow users to disable
support for iframes for better security.

*) here: cross site scripting

Zope maillist  -
**   No cross posts or HTML encoding!  **
(Related lists - )

Reply via email to