Do I need to namespace my JavaScript code if it's in an <iframe>?

Question

If I write some JavaScript that runs in an <iframe> (which is dynamically created and added to the DOM with JavaScript, if that matters), is it isolated from the global namespace of its parent page, or are conflicts still possible?

I did some Googling and came across this page, but I can't really make sense of what he's doing here, or if it applies to exactly what I'm trying to determine/accomplish.

http://dean.edwards.name/weblog/2006/11/sandbox/

I'm creating a widget that will live on unknown host pages; it's a <script> that inserts an <iframe> on the page, then creates a document that loads some external scripts and inserts that document into the dynamically created <iframe>.

Basically, I just want to avoid conflicts with any global variables on the host page; I don't want any JavaScripts that I write or load in the <iframe> to conflict with anything on the host page.

If using an <iframe> doesn't automatically protect me, can anyone recommend an approach that will isolate any <script>s running in the <iframe>?

Thanks in advance for any guidance.

Answer 1

If I understand your situation correctly, anything in the iFrame should be out of scope from the rest of the page. However, you can refrence the main page code by using parent.

var foo

<iframe>
var bar = parent.foo;
</iframe>

I know this is not how the iframe looks. Just trying to simplify.

Answer 2

Using normally, the scripts in iframe and in the main window are both isolated from each other.

main.html:

<!DOCTYPE html>
<html><head>
</head>
<body>
<script>
function ale(){alert('test');}
</script>
<iframe src="fr.html"></iframe>

</body></html>

fr.html:

<input type="button" onclick="ale();" />

Notice that when you open main.html and click on the button in the iframe, an Javascript error saying that ale(); is not defined will be generated. This is because they are 2 seperate documents.

However, you will be able to access the parent frame's document object from the iframe using the window.parent node. e.g. window.parent.getElementById('mainform')

Summary There is no need to namespace your code in the iframe.

Answer 3

Because the namespace of each is separated, it should be fine. Consider the following

Host page JavaScript:

Foo = {};
Foo.bar = function(){ alert('hi!');}

Now the iframe JavaScript:

Foo = {};
Foo.bar = function(){ alert('yo!');}

For the iframe to talk to the parent, it would have to do something like this

window.parent.Foo.bar(); //Alerts 'hi!'
Foo.bar(); //Alerts 'yo!'

For the host page to see the frame, it would have to do this:

window.frames['nameOfFrame'].contentWindow.Foo.bar(); //Alerts 'yo!'
Foo.bar(); //Alerts 'hi!'