Andreas Jung wrote:
Iframes are still a valid choice in case asynchronous won't work e.g.
when you need to load resources from servers != your origin server. Due
the security model of asynchronous requests, a browser will only load
stuff from the origin server. Iframes are a way to work around this
limitation - ugly as you said, but sometimes a good workaround.
Not only ugly but also a very security threat. Been there, seen a lot
important sites fell on their noses when it comes to CSS* and friends.
Better find another solution in such cases and allow users to disable
support for iframes for better security.
*) here: cross site scripting
Zope maillist - Zope@zope.org
** No cross posts or HTML encoding! **
(Related lists -