|
|
|
|
|
|
by haimez
3566 days ago
|
|
|
Everything. iframes can't fuck with you code, but they are 1. displayed in your page (is this a good idea, does this iframe agree with how your page will display it). 2. Is leaking information to this iframe (and consequently, that iframe's server that this email had been opened) a good idea (no. 100% it's not.). 3. Can someone else contrive another vector of page control or information leak that suits their motives and hasn't been considered a priori by you (also yes, 100%. Never underestimate the motivation or creativity of others). Never, ever, EVER embed an iframe thinking it will make your life better. |
|
|
I dont think email sender cares about how iframe is rendered. They currently render in a rectangle, and they will keep render in a rectangle.