tags:

views:

2937

answers:

5
+1  Q: 

IE7 iframe blank page

I am working on a web page which has an iframe and I am loading an external site in the iframe. The page works fine in IE6, FF etc but in IE7 all I see is a blank page.

I found that this is due to the phishing filter in IE7. The phishing filter will not be able to check the web page inside the iframe so it will not be rendered properly. Have you faced this issue before? How can I resolve it?

Edit: Okay. After seeing first two answers I think I should give some more explanation to this. The page is for payment processing and I am loading a page (of a 3rd party company) which asks for credit card information. Right after entering details and pressing continue the iframe goes blank. After much investigation we found that IE7 does not accept 3rd party cookies (when page loaded in iframe). It is something to do with the security settings. Some articles in the internet say that I can bypass the phishing filter. How can I do it?

+2  A: 

Have you set the IFRAME attribute WIDTH? I've read about this before and in those occasions had to do with the 'WIDTH' attribute.

So instead of using the WIDTH attribute of the IFRAME, you could use the STYLE attribute instead:

<IFRAME SRC='yourpage.html' STYLE='width:100%;'></IFRAME>

[UPDATE]
In my above example I've used a %-age to declare the width of the IFRAME. You could try to declare it in pixels instead of percentage, e.g.:

<IFRAME SRC='yourpage.html' STYLE='width:600px;'></IFRAME>

Then again, this could not be the problem in your case, but please do provide more information.

Zaagmans  2009-02-12 11:40:55
As I now read in the startpost, it has something to do with 3rd party cookies. I will leave my answer for further reference...
Zaagmans  2009-02-12 12:03:08
A: 

Perhaps you are using a title tag like <TITLE/>

Paul Whelan  2009-02-12 11:42:35
A: 

IE7 does not accept 3rd party cookies (when page loaded in iframe).

It can do, it depends on the options that are set. Especially if the privacy level has been turned up, the third party must provide a P3P policy file to ensure IE that it's not going to be naughty. (As a privacy measure this is a bit of a dead loss IMO, but we're stuck with it.)

I am loading a page (of a 3rd party company) which asks for credit card information.

Whoah! Don't do that. The user won't be able to see from the address bar that it's the correct site URL and it's properly encrypted with SSL. You're effectively asking your customers to trust an unknown site and connection.

Lose the iframe. Most payment processors will have options to style your payment pages to match your site, and return the user to your site when they're done.

bobince  2009-02-12 15:45:12
Yeah I agree!! But we don't have an option other than using an iframe now. The page is redesigned to suit our design. I tried adding the p3p header and it still shows the "cookie" blocked notice!
Shoban  2009-02-12 16:32:50
It has to be the third-party (payment processor) that adds the P3P policy to their own pages, I'm afraid.
bobince  2009-02-12 17:07:27
A: 

Finally I found the solution for this!

It can be solved by adding the p3p header to the webpage. This tells the browser that the cookie created by the pages in the iframe are OK for user's privacy. The header has to be added to all the pages loaded in the iframe.

Below are some of the links which shows how this can be achieved in different scripting languages (PHP, ASP.net , JSP etc).

http://adamyoung.net/IE-Blocking-iFrame-Cookies

http://adamyoung.net/IE-Blocking-iFrame-Cookies

http://admon.org/node/99

Note: I dint use this solution for security and compliance reasons. Thanks Bobince

Shoban  2009-02-13 11:03:45
+1  A: 

If you are using ASP then add this code

Response.AddHeader "p3p", "CP=" & chr(34) & "CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" & chr(34)

in all the pages which are loaded in the iframe

Kushal  2009-02-13 16:48:21
Don't blindly use the given P3P string. Determine your own P3P privacy policy. Read http://www.p3ptoolbox.org/guide/ for details.
Anirvan  2009-03-03 17:52:02

related questions

Enable local scripts and flash in ie7
totally lost -- textarea in IE7 disappears when i mouse over
Problem with :hover in IE7
Simple ColdFusion script works in IE but not Firefox?
Catching a tab close event in web browser?
Internet Explorer 8 and IE 6 side by side
Can't download file in IE7 but there isn't any problem in Firefox, Chrome, etc..?
Why does IE7 specify a mime-type of image/pjpeg rather than just image/jpeg?
How To Tell What Files IE Thinks Are "nonsecure"?
How to disable browser postback warning dialog
YUI Autocomplete renders under other page elements in IE7
How can I make Internet Explorer not change the colors in my PNG images
Possible to set tab focus in IE7 from JavaScript
IE7 CSS Scrolling Div Bug
How can I change IE's homepage without opening IE?
Does IE7 have a "developer mode" or plugin like Firefox/Chrome/Safari?
Response.StatusCode and Internet Explorer - Display custom message?
LightWindow & IE7, "Line 444 - object does not support this property or method"
Detect DOM modification in Internet Explorer
textarea with 100% width ignores parent element's width in IE7
IE CSS Bug - How do I maintain a position:absolute when dynamic javascript content on the page changes
How IE7 determines a site's Security Zone
Weird yellow bar pops-up: 'Microsoft Data Access - Remote Data Services
IE7 HTML/CSS margin-bottom bug.
Why doesn't the percentage width child in absolutely positioned parent work in IE7?