none
iframe not working in IE8

    Question

  • I have an iframe that I cannot get to display in IE8. It works fine in Firefox, Opera, Safari & Chrome. Just not IE8. Any ideas?

    <div align="left"><iframe name="Frame1" src="http://clients.mindbodyonline.com/ws.asp?studioid=8696&stype=-99" STYLE='width:100%;' height="800" frameborder="0" allowTransparency="true"></iframe></div>
    Monday, January 18, 2010 3:57 AM

All replies

  • Hi,

    If it works on other browsers but not in IE then it is usually because of one of your IE security zone settings.

    Tools>Internet Options - Security tab, click "Reset all zones to default"

    You can reverse test this in FX with the IETab extension.

    Load your page in an FX/IETab. If it renders there, then, Yep its an IE Security zone setting.
    (NOTE!important..... FX/IETab always uses the IE7 Emulation mode to render pages (except of coarse Quirks DTD's) viz. it is not reliable to use as a test when comparing rendering issues.

    Always use the Default security zone settings as you baseline for testing in IE. The expectation is that your IE visitors will also have their IE security zone settings set to default.

    If you have custom security settings for your Intranet zone, then use those settings. You should have globally set the Intranet Security Zone settings with Group Policy.

    Regards.
    Rob^_^
    Monday, January 18, 2010 8:45 AM
  • Hi,

    If it works on other browsers but not in IE then it is usually because of one of your IE security zone settings.

    Tools>Internet Options - Security tab, click "Reset all zones to default"

    You can reverse test this in FX with the IETab extension.

    Load your page in an FX/IETab. If it renders there, then, Yep its an IE Security zone setting.
    (NOTE!important..... FX/IETab always uses the IE7 Emulation mode to render pages (except of coarse Quirks DTD's) viz. it is not reliable to use as a test when comparing rendering issues.

    Always use the Default security zone settings as you baseline for testing in IE. The expectation is that your IE visitors will also have their IE security zone settings set to default.

    If you have custom security settings for your Intranet zone, then use those settings. You should have globally set the Intranet Security Zone settings with Group Policy.

    Regards.
    Rob^_^

    It still didn't work. I reset security to default as you recommended but I still get a 404 error. I know the link is working as it works fine in all other browsers.
    Monday, January 18, 2010 4:39 PM
  • Hi,

    And a 404 server error means?

    Your hosts file may be blocking the root domain and mapping it to localhost where it does not exist.

    No...

    actually that url redirects to another url.

    copy and paste

    http://clients.mindbodyonline.com/ws.asp?studioid=8696&stype=-99

    in your IE Address bar and press enter.

    You end up here

    https://clients.mindbodyonline.com/asp/home.asp

    try adding *.mindbodyonline.com to your Trusted sites zone

    You may also have to add your own site to the Trusted sites zone if it resolves to the Intranet zone and your security settings do not allow navigation between sites of lower to higher security integrity.

    You should be using a link tag to open that address in a new page/tab (or the _top target value) i/o hosing it in an iframe.

    This is a security measure to prevent phishing scams hosting your banks login page within a iframe on a crafted frameset page to steal your login credentials.

    Do you have permission from mindbodyonline.com to link to their site this way?

    c! IE8 is more secure than the others.

    Regards.

    Rob^_^
    Monday, January 18, 2010 10:26 PM
  • Hi,

    And a 404 server error means?

    Your hosts file may be blocking the root domain and mapping it to localhost where it does not exist.

    No...

    actually that url redirects to another url.

    copy and paste

    http://clients.mindbodyonline.com/ws.asp?studioid=8696&stype=-99

    in your IE Address bar and press enter.

    You end up here

    https://clients.mindbodyonline.com/asp/home.asp

    try adding *.mindbodyonline.com to your Trusted sites zone

    You may also have to add your own site to the Trusted sites zone if it resolves to the Intranet zone and your security settings do not allow navigation between sites of lower to higher security integrity.

    You should be using a link tag to open that address in a new page/tab (or the _top target value) i/o hosing it in an iframe.

    This is a security measure to prevent phishing scams hosting your banks login page within a iframe on a crafted frameset page to steal your login credentials.

    Do you have permission from mindbodyonline.com to link to their site this way?

    c! IE8 is more secure than the others.

    Regards.

    Rob^_^
    Yes I have permission, I purchased their services. Their instructions were to use an Iframe with that url.

    The problem appears to be with this section of the URL: ws.asp?studioid=8696&stype=-99 in the iframe

    If I just use the http://clients.mindbodyonline.com/ in the iframe it takes me to the landing page. But when I add in my content, IE returns a 404 error

    When I enter http://clients.mindbodyonline.com/ws.asp?studioid=8696&stype=-99 in my address bar directly, the page comes up just fine.

    It doesn't make any sense that it works in all other browsers and in IE when I enter it directly but not when I stick it in an Iframe.




    Tuesday, January 19, 2010 4:38 AM
  • Hi,

    It makes sense to me. (I am not trying to be cynical, just honest in the way I see it).

    See the IE Security Zone setting "Web sites in less privileged web content zone can navigate into this zone".

    I see now why some Web Design schools insist that their students do not use framesets or iframes in their web pages. (apart from the non-support in mobile devices)

    Here is the link to this thread

    http://social.msdn.microsoft.com/Forums/en-US/iewebdevelopment/thread/bc91f16c-99d0-453d-8689-3b6f3f6abe62/

    Pass it on to your contacts at mindbodyonline.com so they can pick up on the issue and decide if they need to rethink their site API's. I would suggest an AJAX solution instead. The MS Passport API's also may be userful (used when you login to this forum), but there are also jsp and php equivalents available.

    Ultimately the decision will be up to them.

    You may be able to tweak your default IE Security zone settings to get it to work for you, but this is impractical for your visitors.

    In principle IE users should not change their default security zone settings, but instead either add sites to either their Trusted and UnTrusted Sites Zones.

    You can use <noscript> tags to detect and infer if visitors do not have your site in their Trusted Sites list.

    The default security zone setting for the Internet zone is meduim. On hardened servers (enhanced security settings) the default is High (viz the same as the Restricted Sites Zone)


    Regards.


    Rob^_^
    Tuesday, January 19, 2010 5:56 AM
  • To clarify...

    ws.asp?studioid=8696&stype=-99

    are the Query parameters.

    They are instructions (parameters) to the ws.asp page.

    When the ws.asp page is loaded on their servers it will look for any query parameters that are passed to it.

    Studioid=8696

    stype=-99

    When you use the raw url

    http://clients.mindbodyonline.com/

    the web site default page (home.asp) is loaded, not ws.asp.

    eg. http://clients.mindbodyonline.com/home.asp is the same as http://clients.mindbodyonline.com/

    when you copy and paste it into either IE or FX.

    Regards.

    Rob^_^
    Tuesday, January 19, 2010 6:54 AM
  • Did you ever resolve this issue, I have the same issue.

    Tuesday, March 27, 2012 12:13 PM
  • are you using the same hosting provider... please post the url of your website or a link to a mashup that shows YOUR issue.

    Rob^_^

    Wednesday, March 28, 2012 12:23 AM