iframes

[antioch]

zc 1.3.9h
no upgrades
mods: product_extra_fields_1-5-1 installed with site.
everything installed via console.

ive read that there is a known issue with iframes and zc. a shame since there is so much iframe-based content available, such as google maps.

one such map ive created and embedded in an ez page on my site. however, doing so breaks the right hand sideboxes and footer - they simply dont load.

though i can usually muddle my way through things, im just not enough of a coder to fix this one myself. any help would be appreciated. however any criticism of iframes themselves should be relevant to my situation.

[DrByte]

Your broken iframe has nothing to do with there being any supposed "known issue with iframes and zc".

Your HTML for your iframe tag isn't properly terminated, and thus the browser is confused, and is treating the rest of the page as part of the iframe, which it sees as starting out with a whole lotta closing tags, not new content.

Instead of using <iframe .... />, use <iframe ..... ></iframe> and it'll work fine.

[gjh42]

The "known issues" relate to Zen Cart content (especially payment processing and possibly sessions) being displayed inside iframes. There is no issue with external content brought into ZC.

[antioch]

i did see an error. but when i log in via shell to correct the code in \includes\languages\english\html_includes\define_page_2.php to...

Code:

<iframe width="425" height="350" frameborder="0" scrolling="no" marginheight="0" marginwidth="0" src="http://maps.google.com/maps/ms?msa=0&amp;msid=213859551025902514341.00046643f81eab908377b&amp;hl=en&amp;ie=UTF8&amp;t=m&amp;vpsrc=1&amp;ll=36.795608,-94.397106&amp;spn=0,0&amp;output=embed"></iframe><br /><small>View <a href="http://maps.google.com/maps/ms?msa=0&amp;msid=213859551025902514341.00046643f81eab908377b&amp;hl=en&amp;ie=UTF8&amp;t=m&amp;vpsrc=1&amp;ll=36.795608,-94.397106&amp;spn=0,0&amp;source=embed" style="color:#0000FF;text-align:left">Jespersen Mfg &amp; Sales, Inc.</a> in a larger map</small>

...i still get the same results.

am i missing something?

[DrByte]

The link you posted above points to EZ-Page #1.
So, not sure why you're editing "define_page_2.php" for an EZ-Page ID #1. EZ-Pages are stored in the database, and edited via your Admin->Tools->EZ-Pages menu.

Your define-page-2, which has no link on your site, works fine: http://cart.jespersenmfg.com/index.php?main_page=page_2

[Website Rob]

ive read that there is a known issue with iframes and zc. a shame since there is so much iframe-based content available, such as google maps.

I'd like to know where you read that as it's just not true. It is true though, that using iFrames will break PCI Compliance which is why one does not use iFrames in eCommerce websites.

[stevesh]

I'd like to know where you read that as it's just not true. It is true though, that using iFrames will break PCI Compliance which is why one does not use iFrames in eCommerce websites.

Just to be sure, are you saying that inserting iframe content in, say, an EZ page, will affect PCI compliance ? Doesn't sound right.

[antioch]

The link you posted above points to EZ-Page #1.
So, not sure why you're editing "define_page_2.php" for an EZ-Page ID #1. EZ-Pages are stored in the database, and edited via your Admin->Tools->EZ-Pages menu.

Your define-page-2, which has no link on your site, works fine: http://cart.jespersenmfg.com/index.php?main_page=page_2

doh! i first used define pages for that page. then i switched to ez pages for that one and some other pages. so i guess i sort of fooled myself. thx for giving me the needed kick to the head!

I'd like to know where you read that as it's just not true. It is true though, that using iFrames will break PCI Compliance which is why one does not use iFrames in eCommerce websites.

it was nothing official looking, just some comments here from high post count users. id share links, but ff trashed my profile this morning causing me to lose my history. >:(

[Website Rob]

Just to be sure, are you saying that inserting iframe content in, say, an EZ page, will affect PCI compliance ? Doesn't sound right.

I cannot provide a link to other definitive sources and this seems to be somewhat of a grey area. I could be wrong but PCI scans seem to be somewhat of an Art & Science. Some report problems that others do not. Some will fail if an iFrame is used anywhere and some will fail if an iFrame is just used on the payment page.

I have taken the position that not using iFrames anywhere, is the way to go. It is my belief that AJAX will supersede iFrames and even though both have their problems, security and otherwise, the former is better than the latter.