iframes

G

George Worley

I cannot find the answer to this question.

I send out every Friday, a weekly update to an email list that I moderate
for my church. This email contains code with an <iframe> in it.

The code is:

<iframe

src="http://www.mychurchevents.com/calen...DayCount=7&select_by=all_interest_groups&igd="
frameborder="0" height="300" width="320">
</iframe>

This works find in Outlook 2000 and before but in Outlook XP, 2003 and 2007
but the contents of the iframe doesn't appear. -- it appears in Outllook
Express after some modification to the trusted zone in I.E. I have tried
everything but cannot get the contents of the <iframe> tag to display in
Outlook.

Can someone help me?

Thank you,

George Worley
 
R

Roady [MVP]

Sounds like you've never updated Outlook 2000. Including iframe in an email
is considered insecure for a long long time now. The fact that you had to
mess around with security settings should have given you that idea. Surely
you don't expect the readers of your message to mess around with that as
well in order to read your message.

Emails are not webpage and thus should not be created as such.
 
G

George Worley

For years those who think they have all of the power but are in reality
powerless have been saying the same thing -- HTML doesn't belong in email.
It is time to GET REAL! You remind me so much of some of my friends that use
Linux/Net BSD. That believe email should be only text. Most of them still
use Lynx is their preferred browser.

Times have changed. It is a visual world and email is well as the Web
should be visual.

iframe tag has only be considered insecure in the Microsoft world not the
real computer world -- meaning those of us who prefer to use other products –
otherwise the W3C would not put is part the standard . Microsoft ideal of
fixing vulnerabilities is to disable the features not fix the code. If you
cannot execute the real HTML/xHTML standards set forth by W3C. Instead
Microsoft feels that it should be the “standards†creator by change or
ignoring the standards. This has been a problem since the beginning of home
computing -- until DOS, one computer could not easily read another maker’s
floppy disk. W3C has done a pretty good job of developing HTML standards.

The parish that I do the newsletter and most if all communications and
definitely all of the electronic communications for are still living in the
first half of the 20th century. Until recently the Internet access was done
with one dialup account with one phone line. The four users were having to
call each other to see if anyone was on the Internet and ask them how much
longer they were going to be. I have now got the whole church/parish hall as
a hot spot -- no longer do they staff members have to call each other. Most
of those who have computers at home barely know how to do email let alone
email messages that contain links. Most use email but have no idea about the
web… in fact the one that was doing so call information technology told them
not to every click on links in email as you could end up with a virus.

I subscribe to the KISS (Keep It Simple Stupid) theory for the members of my
parish. iframe is simple while clicking on a link may be simple for us that
are computer savvy, it isn’t for those who only use the computer for quick
and cheap communication. Because Outlook, IMHO, is not user friendly and
should never really be used by someone who doesn’t know that much about
computers, I recommend to the users of the parish that they load thunderbird
on their system… I have even free of charge went to members of my parish’s
home and installed in configured Thunderbird where embedding dynamic HTML is
not at risk and who actually fix their product and not limit the usage
because they are not capable of fixing the product. BTW… the only real
secure computer is one that doesn’t have a network adaptor but this makes
nothing more than a glorified word processor or local game machine.

I would like to thank you for NOT answering my question.

George
 
R

Roady [MVP]

I would like to thank you for NOT answering my question.
I did answer your question. The fact that it wasn't the answer that you
wanted to hear doesn't make it any less true.

Never did I state in my reply that your email should be only Plain Text and
that emails should be non-visual compelling. I stated that emails and web
pages are 2 different things and require different treatment.

For example; iframes in emails can be easily abused by senders of Phishing
Emails. This isn't a code vulnerability but an end-user one. Look around;
Outlook is not the only mail client that doesn't allow it anymore.

W3C standards have nothing to do with security measurements. It's really
easy to create a website that passes the W3C HTML validator and tries to do
all sorts of nasty things on your computer. Standards don't offer any
protection.
 
B

Brian Tillman

George Worley said:
Times have changed. It is a visual world and email is well as the Web
should be visual.

Glitz and glitter simply do not convey information.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top