• What
  • An inline frame is used to embed another document within the current HTML document.
• How
  • <iframe src="https://www.w3schools.com"></iframe>

IFrames are not secure

Right thats out of the way.

• The IFrame should have the same origin as the parent window.
• Should not be used.

IFrames and Security

The element, by itself, is not a security risk. Unfortunately iframes have gotten a bad reputation because they can be used by malicious websites to include content that can infect a visitor’s computer without them seeing it on the page. This is done by having links point to the invisible scripts and those scripts set off malicious code. The user clicks the link and thinks that the link is broken because nothing appeared to happen, but a script was set off where they couldn’t see it.

The thing to remember when including an IFrame on your web page is that your users are only as safe as the content of all the sites you link to. If you have reason to feel a site is untrustworthy, don’t link to it in any fashion and most definitely don’t include its contents in an IFrame. Linking to your own pages within iframes, however, does not pose a security risk for you or your users.