[Foundation-l] Guidelines for the use of iframes?

MZMcBride z at mzmcbride.com
Thu Mar 15 00:36:58 UTC 2012


https://wikimediafoundation.org/w/index.php?oldid=79658&action=edit

This page is currently loading an <iframe> from <http://hire.jobvite.com>.
Besides banishing the pretty green lock icon in Chrome (due to the mixture
of http and https), as far as I understand it, the use of an <iframe> like
this exposes user data (such as a user's IP address) of every visitor to any
page where the frame is loaded. That is, whoever is running hire.jobvite.com
will be able to track who has viewed the page where this template is loaded
on wikimediafoundation.org on their own server/in their own server logs.

Are there policies or guidelines surrounding the use of <iframe>s like this?
Typically the tag is banned on Wikimedia wikis, but wikimediafoundation.org
allows raw HTML.

I know other activities such as loading Google Analytics in site-wide
JavaScript have been shot down due to concerns of third parties tracking
users, but this is a separate case with fewer privacy implications, I think.

Thoughts?

MZMcBride






More information about the wikimedia-l mailing list