차례
      1. 4.8.2 iframe 요소
      2. 4.8.3 embed 요소
      3. 4.8.4 object 요소
      4. 4.8.5 param 요소

4.8.2 iframe 요소

요소가 속하는 범주Categories

플로우 컨텐츠Flow content.

구문 컨텐츠Phrasing content.

포함된 컨텐츠.Embedded content.

대화형 컨텐츠.Interactive content.

이 요소가 사용될 수 있는 문맥Contexts in which this element can be used

포함된 컨텐츠가 올 수 있는 곳Where embedded content is expected.

이 요소가 포함할 수 있는 것Content model

아래에서 설명하는 요구사항을 만족하는 텍스트

Text that conforms to the requirements given in the prose.

요소에 사용할 수 있는 속성Content attributes

전역 속성Global attributes

src
srcdoc
name
sandbox
seamless
width
height
DOM interface:
interface HTMLIFrameElement : HTMLElement {
           attribute DOMString src;
           attribute DOMString srcdoc;
           attribute DOMString name;
  [PutForwards=value] readonly attribute DOMSettableTokenList sandbox;
           attribute boolean seamless;
           attribute DOMString width;
           attribute DOMString height;
  readonly attribute Document contentDocument;
  readonly attribute WindowProxy contentWindow;
};

iframe 요소는 중첩된 문맥나타냅니다. 역주

The iframe element represents a nested browsing context.

src 속성을 통해 중첩된 문맥이 포함하는 페이지의 주소를 나타냅니다. 이 속성을 사용했다면, 값은 유효한, 앞뒤로 공백을 허용하고 비어있지 않은 URL이어야 합니다.

The src attribute gives the address of a page that the nested browsing context is to contain. The attribute, if present, must be a valid non-empty URL potentially surrounded by spaces.

srcdoc 속성은 중첩된 문맥이 포함하는 내용을 나타냅니다. 속성의 값은 iframe srcdoc 문서입니다.

The srcdoc attribute gives the content of the page that the nested browsing context is to contain. The value of the attribute is the source of an iframe srcdoc document.

HTML 문서에 포함된 iframe 요소에 이 속성이 있다면, 그 값은 HTML 문법을 사용한 값이어야 하며, 다음의 문법 요소들로, 순서대로 구성된 것이어야 합니다.

For iframe elements in HTML documents, the attribute, if present, must have a value using the HTML syntax that consists of the following syntactic components, in the given order

  1. 주석공백문자. 숫자에는 제한이 없습니다.Any number of comments and space characters.

  2. 선택적으로, DOCTYPEOptionally, a DOCTYPE.

  3. 주석공백문자. 숫자에는 제한이 없습니다.Any number of comments and space characters.

  4. html 요소의 형태를 갖는 루트 요소The root element, in the form of an html element.

  5. 주석공백문자. 숫자에는 제한이 없습니다.Any number of comments and space characters.

XML 문서에서 사용된 iframe 요소에 이 속성이 있다면, XML 명세에서 document라고 레이블된 결과물과 일치하는 값이어야 합니다. [XML]

For iframe elements in XML documents, the attribute, if present, must have a value that matches the production labeled document in the XML specification. [XML]

src 속성과 srcdoc 속성을 모두 사용했다면 srcdoc 속성이 우선권을 가집니다. 이러한 것을 통해, srcdoc 속성을 지원하지 않는 구형 사용자 에이전트에서 폴백 요소를 제공할 수 있습니다.

If the src attribute and the srcdoc attribute are both specified together, the srcdoc attribute takes priority. This allows authors to provide a fallback URL for legacy user agents that do not support the srcdoc attribute.

When an iframe element is first inserted into a document, the user agent must create a nested browsing context, and then process the iframe attributes for the first time.

Whenever an iframe element with a nested browsing context has its srcdoc attribute set, changed, or removed, the user agent must process the iframe attributes.

Similarly, whenever an iframe element with a nested browsing context but with no srcdoc attribute specified has its src attribute set, changed, or removed, the user agent must process the iframe attributes.

When the user agent is to process the iframe attributes, it must run the first appropriate steps from the following list:

If the srcdoc attribute is specified

Navigate the element's browsing context to a resource whose Content-Type is text/html, whose URL is about:srcdoc, and whose data consists of the value of the attribute. The resulting Document must be considered an iframe srcdoc document.

If the src attribute is specified but the srcdoc attribute is not
  1. If the value of the src attribute is the empty string, jump to the empty step below.

  2. Resolve the value of the src attribute, relative to the iframe element.

  3. If that is not successful, then jump to the empty step below.

  4. If the resulting absolute URL is an ASCII case-insensitive match for the string "about:blank", and the user agent is processing this iframe's attributes for the first time, then jump to the empty step below. (In cases other than the first time, about:blank is loaded normally.)

  5. Navigate the element's browsing context to the resulting absolute URL.

Empty: When the steps above require the user agent to jump to the empty step, if the user agent is processing this iframe's attributes for the first time, then the user agent must queue a task to fire a simple event named load at the iframe element. (After jumping to this step, the above steps are not resumed.)

Otherwise

Queue a task to fire a simple event named load at the iframe element.

Any navigation required of the user agent in the process the iframe attributes algorithm must be completed with the iframe element's document's browsing context as the source browsing context.

Furthermore, if the browsing context's session history contained only one Document when the process the iframe attributes algorithm was invoked, and that was the about:blank Document created when the browsing context was created, then any navigation required of the user agent in that algorithm must be completed with replacement enabled.

요소가 생성되는 시점에서 srcdoc 속성이 정해지지 않았고 src 속성 역시 정해지지 않았거나 그 값이 해석될 수 없었다면, 문맥은 about:blank 페이지에 남아 있을 것입니다.

If, when the element is created, the srcdoc attribute is not set, and the src attribute is either also not set or set but its value cannot be resolved, the browsing context will remain at the initial about:blank page.

사용자가 다른 페이지로 이동한다면, iframe의 대응하는 WindowProxy 객체는 새로운 Document 객체의 Window 객체에 대한 프락시를 형성하겠지만, src 속성은 바뀌지 않을 것입니다.

If the user navigates away from this page, the iframe's corresponding WindowProxy object will proxy new Window objects for new Document objects, but the src attribute will not change.

Removing an iframe from a Document does not cause its browsing context to be discarded. Indeed, an iframe's browsing context can survive its original parent Document if its iframe is moved to another Document.

On the other hand, if an iframe is removed from a Document and is then subsequently garbage collected, this will likely mean (in the absence of other references) that the child browsing context's WindowProxy object will become eligble for garbage collection, which will then lead to that browsing context being discarded, which will then lead to its Document being discarded also. This happens without notice to any scripts running in that Document; for example, no unload events are fired (the "unload a document" steps are not run).

이 블로그는 srcdoc 속성과 함께 sandbox, seamless 속성을 사용함으로서, 이러한 기능을 지원하는 사용자 에이전트의 사용자들에게 스크립트 주입 공격으로부터 좀 더 안전하게 블로그를 사용할 수 있도록 하고 있습니다.

Here a blog uses the srcdoc attribute in conjunction with the sandbox and seamless attributes described below to provide users of user agents that support this feature with an extra layer of protection from script injection in the blog post comments

<article>
 <h1>I got my own magazine!</h1>
 <p>After much effort, I've finally found a publisher, and so now I
 have my own magazine! Isn't that awesome?! The first issue will come
 out in September, and we have articles about getting food, and about
 getting in boxes, it's going to be great!</p>
 <footer>
  <p>Written by <a href="/users/cap">cap</a>.
  <time pubdate>2009-08-21T23:32Z</time></p>
 </footer>
 <article>
  <footer> At <time pubdate>2009-08-21T23:35Z</time>, <a href="/users/ch">ch</a> writes: </footer>
  <iframe seamless sandbox srcdoc="<p>did you get a cover picture yet?"></iframe>
 </article>
 <article>
  <footer> At <time pubdate>2009-08-21T23:44Z</time>, <a href="/users/cap">cap</a> writes: </footer>
  <iframe seamless sandbox srcdoc="<p>Yeah, you can see it <a href=&quot;/gallery?mode=cover&amp;amp;page=1&quot;>in my gallery</a>."></iframe>
 </article>
 <article>
  <footer> At <time pubdate>2009-08-21T23:58Z</time>, <a href="/users/ch">ch</a> writes: </footer>
  <iframe seamless sandbox srcdoc="<p>hey that's earl's table.
<p>you should get earl&amp;amp;me on the next cover."></iframe>
 </article>

따옴표들이 이스케이프된것을 눈여겨보십시오. (그렇게 하지 않았다면 sandbox 속성이 잘못 종료되었을 것입니다.) 또한, 샌드박스된 컨텐츠에 포함된 앰퍼샌드를 이중으로 이스케이프하여, sandbox 속성을 파싱할때 앰퍼샌드가 유지되도록 한 것 역시 눈여겨 보십시오.

Notice the way that quotes have to be escaped (otherwise the sandbox attribute would end prematurely), and the way raw ampersands (e.g. in URLs or in prose) mentioned in the sandboxed content have to be doubly escaped — once so that the ampersand is preserved when originally parsing the sandbox attribute, and once more to prevent the ampersand from being misinterpreted when parsing the sandboxed content.

HTML 문법에서는, 큰따옴표가 모든 속성내용을 감싸도록, 그리고 모든 큰따옴표와 앰퍼샌드(&)를 이스케이프하도록, 마지막으로 sandbox 속성을 명시하도록 한다면 내용의 안전함을 보장할 수 있습니다.

In the HTML syntax, authors need only remember to use U+0022 QUOTATION MARK characters (") to wrap the attribute contents and then to escape all U+0022 QUOTATION MARK (") and U+0026 AMPERSAND (&) characters, and to specify the sandbox attribute, to ensure safe embedding of content.

XML 문법의 제한으로 인해, XML에서는 몇가지 문자를 더 이스케이프해야 합니다. &lt;(<), &#8212(XML 공백문자), U+0009(탭), U+000A,U+000D(줄바꿈), &#8212(스페이스) [XML]

Due to restrictions of the XML syntax, in XML the U+003C LESS-THAN SIGN character (<) needs to be escaped as well. In order to prevent attribute-value normalization, XML's whitespace characters — U+0009 CHARACTER TABULATION (HT), U+000A LINE FEED (LF), U+000D CARRIAGE RETURN (CR) and U+0020 SPACE — also need to be escaped. [XML]


name 속성을 사용하였다면, 그 값은 유효한 문맥 이름이어야 합니다. 주어진 값이 중첩된nested 문맥의 이름이 됩니다.

The name attribute, if present, must be a valid browsing context name. The given value is used to name the nested browsing context. When the browsing context is created, if the attribute is present, the browsing context name must be set to the value of this attribute; otherwise, the browsing context name must be set to the empty string.

Whenever the name attribute is set, the nested browsing context's name must be changed to the new value. If the attribute is removed, the browsing context name must be set to the empty string.

When content loads in an iframe, after any load events are fired within the content itself, the user agent must queue a task to fire a simple event named load at the iframe element. When content whose URL has the same origin as the iframe element's Document fails to load (e.g. due to a DNS error, network error, or if the server returned a 4xx or 5xx status code or equivalent), then the user agent must queue a task to fire a simple event named error at the element instead. (This event does not fire for parse errors, script errors, or any errors for cross-origin resources.)

The task source for these tasks is the DOM manipulation task source.

A load event is also fired at the iframe element when it is created if no other data is loaded in it.

When there is an active parser in the iframe, and when anything in the iframe is delaying the load event of the iframe's browsing context's active document, the iframe must delay the load event of its document.

If, during the handling of the load event, the browsing context in the iframe is again navigated, that will further delay the load event.


sandbox 속성을 사용하면 iframe 내에 위치한 모든 내용에 추가적인 제한을 걸 수 있습니다. 그 값은 공백문자로 구분되고 순서 없이 유일한 토큰의 목록이며 ASCII, 대소문자를 구분하지 않습니다. 허용되는 값은 allow-same-origin, allow-top-navigation, allow-forms, allow-scripts 입니다. 속성이 설정되면, 요소의 컨텐츠는 가상의 소스origin로부터 유래한 것으로 취급됩니다. 이 상태에서 컨텐츠의 폼과 스크립트는 차단되며, 링크는 다른 문맥으로 이동할 수 없고, 플러그인은 비활성화됩니다. allow-same-origin 키워드를 사용하면 컨텐츠를 가상의 소스에서 온 것으로 강제하지 않습니다. allow-top-navigation 키워드를 사용하면 컨텐츠가 탑 레벨의 문맥으로 이동하는 것을 허용합니다. allow-forms, allow-scripts 키워드는 각각 폼과 스크립트를 허용합니다(스크립트 팝업은 사용할 수 없습니다)

The sandbox attribute, when specified, enables a set of extra restrictions on any content hosted by the iframe. Its value must be an unordered set of unique space-separated tokens that are ASCII case-insensitive. The allowed values are allow-same-origin, allow-top-navigation, allow-forms, and allow-scripts. When the attribute is set, the content is treated as being from a unique origin, forms and scripts are disabled, links are prevented from targeting other browsing contexts, and plugins are disabled. The allow-same-origin keyword allows the content to be treated as being from the same origin instead of forcing it into a unique origin, the allow-top-navigation keyword allows the content to navigate its top-level browsing context, and the allow-forms and allow-scripts keywords re-enable forms and scripts respectively (though scripts are still prevented from creating popups).

allow-scripts 키워드와 allow-same-origin 키워드를 함께 사용하면, 포함된 페이지가 같은 소스일 경우 포함된 페이지의 스크립트로 아이프레임의 sandbox 속성을 없애버리는 것도 허용하는 것입니다.

Setting both the allow-scripts and allow-same-origin keywords together when the embedded page has the same origin as the page containing the iframe allows the embedded page to simply remove the sandbox attribute.

공격자가, 사용자로 하여금 공격적인 컨텐츠에 직접 방문하도록 유도할 수 있다면, 악의적인 컨텐츠를 샌드박스처리하는 것은 믿을만한 안전조치가 되지 못합니다. 그러한 위험을 제한하려면, text/html-sandboxed 마임타입을 사용해야 합니다.

Sandboxing hostile content is of minimal help if an attacker can convince the user to just visit the hostile content directly, rather than in the iframe. To limit the damage that can be caused by hostile HTML content, it should be served using the text/html-sandboxed MIME type.

While the sandbox attribute is specified, the iframe element's nested browsing context must have the flags given in the following list set. In addition, any browsing contexts nested within an iframe, either directly or indirectly, must have all the flags set on them as were set on the iframe's Document's browsing context when the iframe's Document was created.

The sandboxed navigation browsing context flag

This flag prevents content from navigating browsing contexts other than the sandboxed browsing context itself (or browsing contexts further nested inside it), and the top-level browsing context (which is protected by the sandboxed top-level navigation browsing context flag defined next).

This flag also prevents content from creating new auxiliary browsing contexts, e.g. using the target attribute or the window.open() method.

The sandboxed top-level navigation browsing context flag, unless the sandbox attribute's value, when split on spaces, is found to have the allow-top-navigation keyword set

This flag prevents content from navigating their top-level browsing context.

When the allow-top-navigation is set, content can navigate its top-level browsing context, but other browsing contexts are still protected by the sandboxed navigation browsing context flag defined above.

The sandboxed plugins browsing context flag

This flag prevents content from instantiating plugins, whether using the embed element, the object element, the applet element, or through navigation of a nested browsing context.

The sandboxed seamless iframes flag

This flag prevents content from using the seamless attribute on descendant iframe elements.

This prevents a page inserted using the allow-same-origin keyword from using a CSS-selector-based method of probing the DOM of other pages on the same site (in particular, pages that contain user-sensitive information).

The sandboxed origin browsing context flag, unless the sandbox attribute's value, when split on spaces, is found to have the allow-same-origin keyword set

This flag forces content into a unique origin, thus preventing it from accessing other content from the same origin.

This flag also prevents script from reading from or writing to the document.cookie IDL attribute, and blocks access to localStorage. [WEBSTORAGE]

The allow-same-origin attribute is intended for two cases.

First, it can be used to allow content from the same site to be sandboxed to disable scripting, while still allowing access to the DOM of the sandboxed content.

Second, it can be used to embed content from a third-party site, sandboxed to prevent that site from opening popup windows, etc, without preventing the embedded page from communicating back to its originating site, using the database APIs to store data, etc.

The sandboxed forms browsing context flag, unless the sandbox attribute's value, when split on spaces, is found to have the allow-forms keyword set

This flag blocks form submission.

The sandboxed scripts browsing context flag, unless the sandbox attribute's value, when split on spaces, is found to have the allow-scripts keyword set

This flag blocks script execution.

The sandboxed automatic features browsing context flag, unless the sandbox attribute's value, when split on spaces, is found to have the allow-scripts keyword (defined above) set

This flag blocks features that trigger automatically, such as automatically playing a video or automatically focusing a form control. It is relaxed by the same flag as scripts, because when scripts are enabled these features are trivially possible anyway, and it would be unfortunate to force authors to use script to do them when sandboxed rather than allowing them to use the declarative features.

These flags must not be set unless the conditions listed above define them as being set.

These flags only take effect when the nested browsing context of the iframe is navigated. Removing them, or removing the entire sandbox attribute, has no effect on an already-loaded page.

사용자가 제공한, 전혀 알 수 없고 잠재적으로 위험한 HTML 컨텐츠가 페이지로 삽입됩니다. 이것이 샌드박스되었기 때문에, 사용자 에이전트는 같은 사이트에서 서비스되고 있음에도 불구하고 이것을 가상의 소스에서 유래한 것으로 취급합니다. 따라서 이것은 모든 일반적인 교차 사이트 제한의 영향을 받습니다. 이에 더해, 포함된 페이지는 스크립트, 폼, 플러그인이 모두 차단되었으며 그 자신을 제외한 어떤 프레임이나 윈도우로도 이동할 수 없습니다.

In this example, some completely-unknown, potentially hostile, user-provided HTML content is embedded in a page. Because it is sandboxed, it is treated by the user agent as being from a unique origin, despite the content being served from the same site. Thus it is affected by all the normal cross-site restrictions. In addition, the embedded page has scripting disabled, plugins disabled, forms disabled, and it cannot navigate any frames or windows other than itself (or any frames or windows it itself embeds).

<p>We're not scared of you! Here is your content, unedited:</p>
<iframe sandbox src="getusercontent.cgi?id=12193"></iframe>

하지만 쿠키는 여전히 getusercontent.cgi 요청을 통해 서버로 보내집니다. 이것을 IDL 속성 document.cookie를 통해 볼 수는 없긴 합니다만.

Note that cookies are still sent to the server in the getusercontent.cgi request, though they are not visible in the document.cookie IDL attribute.

사용자가 제공한 HTML은 text/html-sandboxed 마임 타입으로 서비스하는 것이 중요합니다. 이렇게 하면, 비록 공격자가 사용자로 하여금 그 페이지를 직접 방문하도록 유도하더라도, 그러한 페이지는 사이트 소스의 문맥 속에서는 동작하지 않으므로, 사이트를 방문한 사용자가 공격자로부터 어느정도 안전해질 수 있습니다.

It is important that the server serve the user-provided HTML using the text/html-sandboxed MIME type so that if the attacker convinces the user to visit that page directly, the page doesn't run in the context of the site's origin, which would make the user vulnerable to any attack found in the page.

다른 사이트로부터 유래한 가젯이 포함되어 있습니다. 가젯은 폼과 스크립트가 허용되었고, 소스 샌드박스 제한이 풀려 있어서 가젯이 그 자신의 서버와 통신하는 것이 가능합니다. 하지만 샌드박스는 여전히 유용한데, 이것이 플러그인과 팝업을 차단하고 있으므로 사용자가 악성코드나 기타 성가신 것 들에 노출되는 빈도가 줄어들 것입니다.

In this example, a gadget from another site is embedded. The gadget has scripting and forms enabled, and the origin sandbox restrictions are lifted, allowing the gadget to communicate with its originating server. The sandbox is still useful, however, as it disables plugins and popups, thus reducing the risk of the user being exposed to malware and other annoyances.

<iframe sandbox="allow-same-origin allow-forms allow-scripts"
        src="http://maps.example.com/embedded.html"></iframe>

다음의 마크업을 포함하는 파일 A 를 가정해 보십시오:

Suppose a file A contained the following fragment

<iframe sandbox="allow-same-origin allow-forms" src=B></iframe>

아이프레임을 포함하는 파일 B 역시 가정해 보십시오:

Suppose that file B contained an iframe also

<iframe sandbox="allow-scripts" src=C></iframe>

링크를 포함하는 파일 C를 가정해 보십시오.

Further, suppose that file C contained a link

<a href=D>Link</a>

이 예제에서, 모든 파일이 text/html로 서비스되고 있다고 가정합니다.

For this example, suppose all the files were served as text/html.

이 시나리오에서, 페이지 C는 모든 곳에서 샌드박스를 사용하고 있습니다. A의 iframe이 스크립트를 차단하고, 이것이 B의 allow-scripts 키워드를 덮어 쓰므로, 스크립트는 차단됩니다. 폼 역시 차단되는데, B에 포함된 아이프레임에서 allow-forms 키워드를 사용하지 않고 있기 때문입니다.

Page C in this scenario has all the sandboxing flags set. Scripts are disabled, because the iframe in A has scripts disabled, and this overrides the allow-scripts keyword set on the iframe in B. Forms are also disabled, because the inner iframe (in B) does not have the allow-forms keyword set.

이제, A의 스크립트가 A와 B에 포함된 모든 sandbox 속성을 없애버렸다고 가정합니다. 이로 인해 즉시 변하는 것은 아무것도 없습니다. 사용자가 C에 있는 링크를 클릭했다면, D 페이지를 B의 아이프레임에 로드하게 되는데, 페이지 D는 이제 B의 아이프레임이 allow-same-origin/allow-forms 키워드를 가진 것 처럼 행동합니다. 왜냐하면 페이지 B가 로드되던 시점에서 A의 아이프레임에 중첩된 문맥의 상태가 그러했기 때문입니다.

Suppose now that a script in A removes all the sandbox attributes in A and B. This would change nothing immediately. If the user clicked the link in C, loading page D into the iframe in B, page D would now act as if the iframe in B had the allow-same-origin and allow-forms keywords set, because that was the state of the nested browsing context in the iframe in A when page B was loaded.

일반적으로, sandbox 속성을 동적으로 변경하거나 제거하는 것은 추천하기 힘듭니다. 이렇게 하게 되면, 무엇이 허용될 것이고 무엇이 차단될 것인지 정확히 알기가 매우 어렵기 때문입니다.

Generally speaking, dynamically removing or changing the sandbox attribute is ill-advised, because it can make it quite hard to reason about what will be allowed and what will not.

아이프레임을 포함하는, 잠재적으로 위험한 파일들을 서비스할 경우 text/html 대신 text/html-sandboxed 로 서비스해야 합니다. 이렇게 하면, 설령 사용자가 공격자의 함정에 속아서 sandbox 속성의 보호 없이 그러한 페이지에 직접 방문하더라도, 그러한 파일들에 있는 스크립트가 사이트를 공격할 수 없습니다(다른 사이트에서 서비스하는 것처럼 취급되기 때문입니다)

Potentially hostile files can be served from the same server as the file containing the iframe element by labeling them as text/html-sandboxed instead of text/html. This ensures that scripts in the files are unable to attack the site (as if they were actually served from another server), even if the user is tricked into visiting those pages directly, without the protection of the sandbox attribute.

allow-scripts 키워드를 allow-same-origin 키워드와 함께 사용했고, 그 파일이 아이프레임을 포함한 Document같은 소스에서 서비스된다면, 샌드박스된 아이프레임 내부의 스크립트가 뛰쳐 나와서 샌드박스 속성을 없애버리고, 자신을 다시 로딩함으로서, 샌드박스가 아예 없었던 것과 같은 효과를 낼 수 있습니다.

If the allow-scripts keyword is set along with allow-same-origin keyword, and the file is from the same origin as the iframe's Document, then a script in the "sandboxed" iframe could just reach out, remove the sandbox attribute, and then reload itself, effectively breaking out of the sandbox altogether.


seamless 속성은 불리언 속성입니다. iframe 요소의 문맥(즉, 포함된)이 포함하는 문서의 일부분인것처럼 렌더링되도록 지시합니다.

The seamless attribute is a boolean attribute. When specified, it indicates that the iframe element's browsing context is to be rendered in a manner that makes it appear to be part of the containing document (seamlessly included in the parent document). Specifically, when the attribute is set on an iframe element whose owner Document's browsing context did not have the sandboxed seamless iframes flag set when that Document was created, and while either the browsing context's active document has the same origin as the iframe element's document, or the browsing context's active document's address has the same origin as the iframe element's document, or the browsing context's active document is an iframe srcdoc document, the following requirements apply:

If the attribute is not specified, or if the origin conditions listed above are not met, then the user agent should render the nested browsing context in a manner that is clearly distinguishable as a separate browsing context, and the seamless browsing context flag must be set to false for that browsing context.

It is important that user agents recheck the above conditions whenever the active document of the nested browsing context of the iframe changes, such that the seamless browsing context flag gets unset if the nested browsing context is navigated to another origin.

이 속성은 동적으로 설정되거나 제거될 수 있습니다. 렌더링 업데이트가 동시에 일어납니다.

The attribute can be set or removed dynamically, with the rendering updating in tandem.

사이트의 내비게이션이 아이프레임을 사용하는 클라이언트 사이드 인클루드를 통해 포함되었습니다. 아이프레임 내부의 모든 링크는, 새로운 사용자 에이전트에서는, 아이프레임의 부모 브라우징 문맥에서 열릴 것입니다. 구형 사용자 에이전트를 위해, 사이트에서는 base 요소의 target 속성을 _parent로 설정할 수 있을 것입니다. 이와 흡사하게, 새로운 사용자 에이전트들은 부모 페이지의 스타일을 아이프레임의 컨텐츠에 자동으로 적용할 것이지만, 구형 사용자 에이전트를 지원하기 위해 스타일을 명시적으로 포함시키길 원할수도 있습니다.

In this example, the site's navigation is embedded using a client-side include using an iframe. Any links in the iframe will, in new user agents, be automatically opened in the iframe's parent browsing context; for legacy user agents, the site could also include a base element with a target attribute with the value _parent. Similarly, in new user agents the styles of the parent page will be automatically applied to the contents of the frame, but to support legacy user agents authors might wish to include the styles explicitly.

<nav><iframe seamless src="nav.include.html"></iframe></nav>

포함된 컨텐츠가 특정한 크기를 가진 경우에 대비하기 위해, iframe 요소는 크기 속성을 지원합니다.

The iframe element supports dimension attributes for cases where the embedded content has specific dimensions (e.g. ad units have well-defined dimensions).

iframe 요소는 결코 폴백 컨텐츠를 갖지 않습니다. 명시된 초기 컨텐츠의 성공 여부와 무관하게, 아이프레임은 언제나 중첩된 브라우징 문맥을 형성합니다.

An iframe element never has fallback content, as it will always create a nested browsing context, regardless of whether the specified initial contents are successfully used.

iframe 요소의 자손은 아무것도 나타내지 않습니다. (iframe 요소를 지원하지 못하는 구형 사용자 에이전트에서는, 요소의 내용이 마크업으로 파싱되어, 마치 폴백 컨텐츠인양 나타날 수 있습니다)

Descendants of iframe elements represent nothing. (In legacy user agents that do not support iframe elements, the contents would be parsed as markup that could act as fallback content.)

HTML 문서에서 사용되었을 경우, iframe 요소에서 허용되는 내용 모델은 텍스트입니다. 단, 요소를 context로 두고, 텍스트 내용을 input으로 두어서 HTML 파싱 알고리즘을 실행한 결과로서 나타나는 노드들의 리스트 전체가 구문 컨텐츠여야 하고, 파싱 에러가 일어나서는 안되며, 그러한 목록 및 자손 요소들 어디에서도 script 요소가 나타나서는 안되고, 그러한 목록 및 자손 요소들 모두가 요구사항에 맟아야 합니다.

When used in HTML documents, the allowed content model of iframe elements is text, except that invoking the HTML fragment parsing algorithm with the iframe element as the context element and the text contents as the input must result in a list of nodes that are all phrasing content, with no parse errors having occurred, with no script elements being anywhere in the list or as descendants of elements in the list, and with all the elements in the list (including their descendants) being themselves conforming.

XML 문서에서 iframe 요소는 비어 있어야 합니다.

The iframe element must be empty in XML documents.

HTML 파서iframe 내부의 마크업을 텍스트로 취급합니다.

The HTML parser treats markup inside iframe elements as text.

The IDL attributes src, srcdoc, name, sandbox, and seamless must reflect the respective content attributes of the same name.

The contentDocument IDL attribute must return the Document object of the active document of the iframe element's nested browsing context.

The contentWindow IDL attribute must return the WindowProxy object of the iframe element's nested browsing context.

광고 브로커가 가져온 광고를 아이프레임을 통해 삽입하는 페이지입니다.

Here is an example of a page using an iframe to include advertising from an advertising broker

<iframe src="http://ads.example.com/?customerid=923513721&amp;format=banner"
        width="468" height="60"></iframe>

4.8.3 embed 요소

요소가 속하는 범주Categories

플로우 컨텐츠Flow content.

구문 컨텐츠Phrasing content.

포함된 컨텐츠.Embedded content.

대화형 컨텐츠.Interactive content.

이 요소가 사용될 수 있는 문맥Contexts in which this element can be used

포함된 컨텐츠가 올 수 있는 곳Where embedded content is expected.

이 요소가 포함할 수 있는 것Content model

이 요소는 비어 있어야 합니다.Empty.

요소에 사용할 수 있는 속성Content attributes

전역 속성Global attributes

src
type
width
height

네임스페이스를 갖지 않는 모든 속성(설명을 보십시오)

Any other attribute that has no namespace (see prose).

DOM interface:
interface HTMLEmbedElement : HTMLElement {
           attribute DOMString src;
           attribute DOMString type;
           attribute DOMString width;
           attribute DOMString height;
};

Depending on the type of content instantiated by the embed element, the node may also support other interfaces.

embed 요소는 외부(보통 HTML이 아닌) 어플리케이션이나 더화형 컨텐츠와의 통합 지점을 나타냅니다.

The embed element represents an integration point for an external (typically non-HTML) application or interactive content.

src 속성을 사용하여 포함하고자 하는 자원의 주소를 지정합니다. 속성을 사용하였다면, 그 값은 유효한, 앞뒤로 공백을 허용하고 비어 있지 않은 URL이어야 합니다.

The src attribute gives the address of the resource being embedded. The attribute, if present, must contain a valid non-empty URL potentially surrounded by spaces.

type 속성을 사용하여 인스턴스화 할 플러그인을 선택합니다. 값은 유효한 마임 타입이어야 합니다. type 속성과 src 속성을 둘 다 사용했다면, type 속성의 값은 src 속성에서 주어지는 자원의 명시적인 Content-Type 메타데이터와 일치하는 것이어야 합니다.

The type attribute, if present, gives the MIME type by which the plugin to instantiate is selected. The value must be a valid MIME type. If both the type attribute and the src attribute are present, then the type attribute must specify the same type as the explicit Content-Type metadata of the resource given by the src attribute.

When the element is created with neither a src attribute nor a type attribute, and when attributes are removed such that neither attribute is present on the element anymore, and when the element has a media element ancestor, and when the element has an ancestor object element that is not showing its fallback content, any plugins instantiated for the element must be removed, and the embed element represents nothing.

If either:

...then the user agent must render the embed element in a manner that conveys that the plugin was disabled. The user agent may offer the user the option to override the sandbox and instantiate the plugin anyway; if the user invokes such an option, the user agent must act as if the conditions above did not apply for the purposes of this element.

Plugins are disabled in sandboxed browsing contexts because they might not honor the restrictions imposed by the sandbox (e.g. they might allow scripting even when scripting in the sandbox is disabled). User agents should convey the danger of overriding the sandbox to the user if an option to do so is provided.

An embed element is said to be potentially active when the following conditions are all met simultaneously:

Whenever an embed element that was not potentially active becomes potentially active, and whenever a potentially active embed element's src attribute is set, changed, or removed, and whenever a potentially active embed element's type attribute is set, changed, or removed, the appropriate set of steps from the following is then applied:

If the element has a src attribute set

The user agent must resolve the value of the element's src attribute, relative to the element. If that is successful, the user agent should fetch the resulting absolute URL, from the element's browsing context scope origin if it has one. The task that is queued by the networking task source once the resource has been fetched must find and instantiate an appropriate plugin based on the content's type, and hand that plugin the content of the resource, replacing any previously instantiated plugin for the element.

Fetching the resource must delay the load event of the element's document.

If the element has no src attribute set

The user agent should find and instantiate an appropriate plugin based on the value of the type attribute.

Whenever an embed element that was potentially active stops being potentially active, any plugin that had been instantiated for that element must be unloaded.

The embed element is unaffected by the CSS 'display' property. The selected plugin is instantiated even if the element is hidden with a 'display:none' CSS style.

The type of the content being embedded is defined as follows:

  1. If the element has a type attribute, and that attribute's value is a type that a plugin supports, then the value of the type attribute is the content's type.

  2. Otherwise, if the <path> component of the URL of the specified resource (after any redirects) matches a pattern that a plugin supports, then the content's type is the type that that plugin can handle.

    For example, a plugin might say that it can handle resources with <path> components that end with the four character string ".swf".

  3. Otherwise, if the specified resource has explicit Content-Type metadata, then that is the content's type.

  4. Otherwise, the content has no type and there can be no appropriate plugin for it.

The embed element has no fallback content. If the user agent can't find a suitable plugin, then the user agent must use a default plugin. (This default could be as simple as saying "Unsupported Format".)

Whether the resource is fetched successfully or not (e.g. whether the response code was a 2xx code or equivalent) must be ignored when determining the resource's type and when handing the resource to the plugin.

This allows servers to return data for plugins even with error responses (e.g. HTTP 500 Internal Server Error codes can still contain plugin data).

name, align, hspace, vspace 를 제외한, 모든 네임스페이스 없는 속성들을 요소에 명시할 수 있습니다. 이러한 속성들은 대문자를 포함하지 않는 XML 호환 이름들이어야 합니다. 이러한 속성들은 플러그인에게 매개변수로 전달됩니다.

Any namespace-less attribute other than name, align, hspace, and vspace may be specified on the embed element, so long as its name is XML-compatible and contains no characters in the range U+0041 to U+005A (LATIN CAPITAL LETTER A to LATIN CAPITAL LETTER Z). These attributes are then passed as parameters to the plugin.

HTML 문서에서 모든 속성들은 자동으로 소문자로 치환됩니다. 따라서, 대문자에 대한 제한사항들은 그러한 문서에 영향을 끼치지는 않습니다.

All attributes in HTML documents get lowercased automatically, so the restriction on uppercase letters doesn't affect such documents.

네가지 예외들은 단순히 플러그인으로 매개변수를 전달하기만 할 뿐 아니라 다른 영향을 미치는 구형 속성들입니다.

The four exceptions are to exclude legacy attributes that have side-effects beyond just sending parameters to the plugin.

The user agent should pass the names and values of all the attributes of the embed element that have no namespace to the plugin used, when it is instantiated.

If the plugin instantiated for the embed element supports a scriptable interface, the HTMLEmbedElement object representing the element should expose that interface while the element is instantiated.

요소는 크기 속성을 지원합니다.

The embed element supports dimension attributes.

The IDL attributes src and type each must reflect the respective content attributes of the same name.

우선권있는 플러그인, 예를 들어 플래시, 를 요구하는 자원을 포함하는 예제가 있습니다.

Here's a way to embed a resource that requires a proprietary plug-in, like Flash

<embed src="catgame.swf">

사용자가 플러그인을 갖고 있지 않다면, 자원을 사용할 수 없을 것입니다.

If the user does not have the plug-in (for example if the plug-in vendor doesn't support the user's platform), then the user will be unable to use the resource.

"quality"라는 매개변수의 값으로 "high"를 전달하고 있습니다.

To pass the plugin a parameter "quality" with the value "high", an attribute can be specified

<embed src="catgame.swf" quality="high">

object 요소를 사용하여 다음과 같이 해도 결과는 갈습니다.

This would be equivalent to the following, when using an object element instead

<object data="catgame.swf">
 <param name="quality" value="high">
</object>

4.8.4 object 요소

요소가 속하는 범주Categories

플로우 컨텐츠Flow content.

구문 컨텐츠Phrasing content.

포함된 컨텐츠.Embedded content.

요소에 usemap 속성이 있면: 대화형 컨텐츠

If the element has a usemap attribute: Interactive content.

Listed, submittable, form-associated element.
이 요소가 사용될 수 있는 문맥Contexts in which this element can be used

포함된 컨텐츠가 올 수 있는 곳Where embedded content is expected.

이 요소가 포함할 수 있는 것Content model

0개 이상의 param 요소. 그 뒤에 투명한 요소가 옵니다.

Zero or more param elements, then, transparent.

요소에 사용할 수 있는 속성Content attributes

전역 속성Global attributes

data
type
name
usemap
form
width
height
DOM interface:
interface HTMLObjectElement : HTMLElement {
           attribute DOMString data;
           attribute DOMString type;
           attribute DOMString name;
           attribute DOMString useMap;
  readonly attribute HTMLFormElement form;
           attribute DOMString width;
           attribute DOMString height;
  readonly attribute Document contentDocument;
  readonly attribute WindowProxy contentWindow;

  readonly attribute boolean willValidate;
  readonly attribute ValidityState validity;
  readonly attribute DOMString validationMessage;
  boolean checkValidity();
  void setCustomValidity(in DOMString error);
};

Depending on the type of content instantiated by the object element, the node also supports other interfaces.

object 요소는 외부 자원을 나타낼 수 있습니다. 그러한 외부 자원은 이미지, 혹은 중첩된 브라우징 문맥, 혹은 플러그인으로 처리되어야 할 외부 자원일 수 있습니다.

The object element can represent an external resource, which, depending on the type of the resource, will either be treated as an image, as a nested browsing context, or as an external resource to be processed by a plugin.

data 속성을 사용하여 자원의 주소를 명시할 수 있습니다. 그 값은 유효한, 앞뒤로 공백을 허용하고 비어 있지 않은 URL이어야 합니다.

The data attribute, if present, specifies the address of the resource. If present, the attribute must be a valid non-empty URL potentially surrounded by spaces.

type 속성을 사용하여 자원의 타입을 명시할 수 있습니다. 그 값은 유효한 마임 타입이어야 합니다.

The type attribute, if present, specifies the type of the resource. If present, the attribute must be a valid MIME type.

datatype 속성 둘 중 하나는 반드시 사용해야 합니다.

At least one of either the data attribute or the type attribute must be present.

name 속성의 값은 유효한 문맥 이름이어야 합니다. 적용 가능하다면, 그 값은 중첩된 문맥의 이름으로 사용됩니다.

The name attribute, if present, must be a valid browsing context name. The given value is used to name the nested browsing context, if applicable.

When the element is created, when it is popped off the stack of open elements of an HTML parser or XML parser, and subsequently whenever the element is inserted into a document or removed from a document; and whenever the element's Document changes whether it is fully active; and whenever an ancestor object element changes to or from showing its fallback content; and whenever the element's classid attribute is set, changed, or removed; and, when its classid attribute is not present, whenever its data attribute is set, changed, or removed; and, when neither its classid attribute nor its data attribute are present, whenever its type attribute is set, changed, or removed: the user agent must queue a task to run the following steps to (re)determine what the object element represents. The task source for this task is the DOM manipulation task source.

  1. If the user has indicated a preference that this object element's fallback content be shown instead of the element's usual behavior, then jump to the last step in the overall set of steps (fallback).

    For example, a user could ask for the element's fallback content to be shown because that content uses a format that the user finds more accessible.

  2. If the element has an ancestor media element, or has an ancestor object element that is not showing its fallback content, or if the element is not in a Document with a browsing context, or if the element's Document is not fully active, or if the element is still in the stack of open elements of an HTML parser or XML parser, then jump to the last step in the overall set of steps (fallback).

  3. If the classid attribute is present, and has a value that isn't the empty string, then: if the user agent can find a plugin suitable according to the value of the classid attribute, and plugins aren't being sandboxed, then that plugin should be used, and the value of the data attribute, if any, should be passed to the plugin. If no suitable plugin can be found, or if the plugin reports an error, jump to the last step in the overall set of steps (fallback).

  4. If the data attribute is present and its value is not the empty string, then:

    1. If the type attribute is present and its value is not a type that the user agent supports, and is not a type that the user agent can find a plugin for, then the user agent may jump to the last step in the overall set of steps (fallback) without fetching the content to examine its real type.

    2. Resolve the URL specified by the data attribute, relative to the element.

    3. If that failed, fire a simple event named error at the element, then jump to the last step in the overall set of steps (fallback).

    4. Fetch the resulting absolute URL, from the element's browsing context scope origin if it has one.

      Fetching the resource must delay the load event of the element's document until the task that is queued by the networking task source once the resource has been fetched (defined next) has been run.

    5. If the resource is not yet available (e.g. because the resource was not available in the cache, so that loading the resource required making a request over the network), then jump to the last step in the overall set of steps (fallback). The task that is queued by the networking task source once the resource is available must restart this algorithm from this step. Resources can load incrementally; user agents may opt to consider a resource "available" whenever enough data has been obtained to begin processing the resource.

    6. If the load failed (e.g. there was an HTTP 404 error, there was a DNS error), fire a simple event named error at the element, then jump to the last step in the overall set of steps (fallback).

    7. Determine the resource type, as follows:

      1. Let the resource type be unknown.

      2. If the user agent is configured to strictly obey Content-Type headers for this resource, and the resource has associated Content-Type metadata, then let the resource type be the type specified in the resource's Content-Type metadata, and jump to the step below labeled handler.

      3. If there is a type attribute present on the object element, and that attribute's value is not a type that the user agent supports, but it is a type that a plugin supports, then let the resource type be the type specified in that type attribute, and jump to the step below labeled handler.

      4. Run the approprate set of steps from the following list:

        The resource has associated Content-Type metadata
        1. Let binary be false.

        2. If the type specified in the resource's Content-Type metadata is "text/plain", and the result of applying the rules for distingushing if a resource is text or binary to the resource is that the resource is not text/plain, then set binary to true.

        3. If the type specified in the resource's Content-Type metadata is "application/octet-stream", then set binary to true.

        4. If binary is false, then let the resource type be the type specified in the resource's Content-Type metadata, and jump to the step below labeled handler.

        5. If there is a type attribute present on the object element, and its value is not application/octet-stream, then run the following steps:

          1. If the attribute's value is a type that a plugin supports, or the attribute's value is a type that starts with "image/" that is not also an XML MIME type, then let the resource type be the type specified in that type attribute.

          2. Jump to the step below labeled handler.

        The resource does not have associated Content-Type metadata
        1. If there is a type attribute present on the object element, then let the tentative type be the type specified in that type attribute.

          Otherwise, let tentative type be the sniffed type of the resource.

        2. If tentative type is not application/octet-stream, then let resource type be tentative type and jump to the step below labeled handler.

      5. If the <path> component of the URL of the specified resource (after any redirects) matches a pattern that a plugin supports, then let resource type be the type that that plugin can handle.

        For example, a plugin might say that it can handle resources with <path> components that end with the four character string ".swf".

      It is possible for this step to finish with resource type still being unknown, or for one of the substeps above to jump straight to the next step. In both cases, the next step will trigger fallback.

    8. Handler: Handle the content as given by the first of the following cases that matches:

      If the resource type is not a type that the user agent supports, but it is a type that a plugin supports

      If plugins are being sandboxed, jump to the last step in the overall set of steps (fallback).

      Otherwise, the user agent should use the plugin that supports resource type and pass the content of the resource to that plugin. If the plugin reports an error, then jump to the last step in the overall set of steps (fallback).

      If the resource type is an XML MIME type, or if the resource type does not start with "image/"

      The object element must be associated with a newly created nested browsing context, if it does not already have one.

      If the URL of the given resource is not about:blank, the element's nested browsing context must then be navigated to that resource, with replacement enabled, and with the object element's document's browsing context as the source browsing context. (The data attribute of the object element doesn't get updated if the browsing context gets further navigated to other locations.)

      If the URL of the given resource is about:blank, then, instead, the user agent must queue a task to fire a simple event named load at the object element.

      The object element represents the nested browsing context.

      If the name attribute is present, the browsing context name must be set to the value of this attribute; otherwise, the browsing context name must be set to the empty string.

      It's possible that the navigation of the browsing context will actually obtain the resource from a different application cache. Even if the resource is then found to have a different type, it is still used as part of a nested browsing context; this algorithm doesn't restart with the new resource.

      If the resource type starts with "image/", and support for images has not been disabled

      Apply the image sniffing rules to determine the type of the image.

      The object element represents the specified image. The image is not a nested browsing context.

      If the image cannot be rendered, e.g. because it is malformed or in an unsupported format, jump to the last step in the overall set of steps (fallback).

      Otherwise

      The given resource type is not supported. Jump to the last step in the overall set of steps (fallback).

      If the previous step ended with the resource type being unknown, this is the case that is triggered.

    9. The element's contents are not part of what the object element represents.

    10. Once the resource is completely loaded, queue a task to fire a simple event named load at the element.

      The task source for this task is the DOM manipulation task source.

  5. If the data attribute is absent but the type attribute is present, plugins aren't being sandboxed, and the user agent can find a plugin suitable according to the value of the type attribute, then that plugin should be used. If no suitable plugin can be found, or if the plugin reports an error, jump to the next step (fallback).

  6. (Fallback.) The object element represents the element's children, ignoring any leading param element children. This is the element's fallback content. If the element has an instantiated plugin, then unload it.

When the algorithm above instantiates a plugin, the user agent should pass to the plugin used the names and values of all the attributes on the element, in the order they were added to the element, with the attributes added by the parser being ordered in source order, followed by a parameter named "PARAM" whose value is null, followed by all the names and values of parameters given by param elements that are children of the object element, in tree order. If the plugin supports a scriptable interface, the HTMLObjectElement object representing the element should expose that interface. The object element represents the plugin. The plugin is not a nested browsing context.

If either:

...then the steps above must always act as if they had failed to find a plugin, even if one would otherwise have been used.

The above algorithm is independent of CSS properties (including 'display', 'overflow', and 'visibility'). For example, it runs even if the element is hidden with a 'display:none' CSS style, and does not run again if the element's visibility changes.

Due to the algorithm above, the contents of object elements act as fallback content, used only when referenced resources can't be shown (e.g. because it returned a 404 error). This allows multiple object elements to be nested inside each other, targeting multiple user agents with different capabilities, with the user agent picking the first one it supports.

Whenever the name attribute is set, if the object element has a nested browsing context, its name must be changed to the new value. If the attribute is removed, if the object element has a browsing context, the browsing context name must be set to the empty string.

요소가 이미지를 나타내고 있다면, usemap 속성을 사용하여 외부 자원이 이미지 맵과 연관되어 있음을 나타낼 수 있습니다. 요소가 이미지를 나타내지 않는다면 속성은 무시되어야 합니다.

The usemap attribute, if present while the object element represents an image, can indicate that the object has an associated image map. The attribute must be ignored if the object element doesn't represent an image.

form 속성을 사용하여 요소와 그 폼 소유자를 명시적으로 연결할 수 있습니다.

The form attribute is used to explicitly associate the object element with its form owner.

유효성검사: object 요소는 (폼의) 유효성검사를 거치지 않습니다.

Constraint validation: object elements are always barred from constraint validation.

요소는 크기 속성을 지원합니다.

The object element supports dimension attributes.

The IDL attributes data, type, name, and useMap each must reflect the respective content attributes of the same name.

The contentDocument IDL attribute must return the Document object of the active document of the object element's nested browsing context, if it has one; otherwise, it must return null.

The contentWindow IDL attribute must return the WindowProxy object of the object element's nested browsing context, if it has one; otherwise, it must return null.

The willValidate, validity, and validationMessage attributes, and the checkValidity() and setCustomValidity() methods, are part of the constraint validation API. The form IDL attribute is part of the element's forms API.

object 요소를 이용하여 자바 애플릿을 페이지에 포함시키고 있습니다. (일반적으로, 이렇게 애플릿을 포함시키는 것 보다는 자바스크립트와 HTML을 사용하여 네이티브하게 기능을 구현하는 것이 좋습니다. 그렇게 하면 써드파티 플러그인을 요구하지 않고 모든 웹 브라우저에서 동작하기 때문입니다. 많은 디바이스, 특히 임베드된 디바이스의 경우 자바와 같은 써드파티 기술을 지원하지 않습니다.)

In the following example, a Java applet is embedded in a page using the object element. (Generally speaking, it is better to avoid using applets like these and instead use native JavaScript and HTML to provide the functionality, since that way the application will work on all Web browsers without requiring a third-party plugin. Many devices, especially embedded devices, do not support third-party technologies like Java.)

<figure>
 <object type="application/x-java-applet">
  <param name="code" value="MyJavaClass">
  <p>You do not have Java available, or it is disabled.</p>
 </object>
 <figcaption>My Java Clock</figcaption>
</figure>

object 요소를 사용하여 다른 HTML 페이지를 포함시키고 있습니다.

In this example, an HTML page is embedded in another using the object element.

<figure>
 <object data="clock.html"></object>
 <figcaption>My HTML Clock</figcaption>
</figure>

플러그인이 HTML 안에서 어떻게 사용되는지를 보여줍니다. (이 경우 플러그인은 플래시입니다) 플래시를 허용하지 않는 사용자를 위해 폴백 컨텐츠가 제공되고 있습니다. 이 경우 폴백 컨텐츠는 video 요소입니다. 사용자가 video 요소 역시 볼 수 없는 경우를 대비하여 마지막으로 링크를 제공하고 있습니다.

The following example shows how a plugin can be used in HTML (in this case the Flash plugin, to show a video file). Fallback is provided for users who do not have Flash enabled, in this case using the video element to show the video for those using user agents that support video, and finally providing a link to the video for those who have neither Flash nor a video-capable browser.

<p>Look at my video:
 <object type="application/x-shockwave-flash">
  <param name=movie value="http://video.example.com/library/watch.swf">
  <param name=allowfullscreen value=true>
  <param name=flashvars value="http://video.example.com/vids/315981">
  <video controls src="http://video.example.com/vids/315981">
   <a href="http://video.example.com/vids/315981">View video</a>.
  </video>
 </object>
</p>

4.8.5 param 요소

요소가 속하는 범주Categories

없음None.

이 요소가 사용될 수 있는 문맥Contexts in which this element can be used

object 요소의 자손으로. 이 요소 앞에 플로우 컨텐츠가 올 수 없습니다.

As a child of an object element, before any flow content.

이 요소가 포함할 수 있는 것Content model

이 요소는 비어 있어야 합니다.Empty.

요소에 사용할 수 있는 속성Content attributes

전역 속성Global attributes

name
value
DOM interface:
interface HTMLParamElement : HTMLElement {
           attribute DOMString name;
           attribute DOMString value;
};

param 요소는 object 요소에 의해 활성화되는 플러그인으로 전달되는 매개변수를 정의합니다. 이것은 그 자체로는 아무것도 나타내지 않습니다.

The param element defines parameters for plugins invoked by object elements. It does not represent anything on its own.

name 속성으로 매개변수의 이름을 나타냅니다.

The name attribute gives the name of the parameter.

value 속성으로 그러한 매개변수의 값을 나타냅니다.

The value attribute gives the value of the parameter.

두 속성이 반드시 모두 존재해야 합니다. 값에 대한 제한은 없습니다.

Both attributes must be present. They may have any value.

If both attributes are present, and if the parent element of the param is an object element, then the element defines a parameter with the given name/value pair.

If either the name or value of a parameter defined by a param element that is the child of an object element that represents an instantiated plugin changes, and if that plugin is communicating with the user agent using an API that features the ability to update the plugin when the name or value of a parameter so changes, then the user agent must appropriately exercise that ability to notify the plugin of the change.

The IDL attributes name and value must both reflect the respective content attributes of the same name.

param 요소를 사용하여 O3D 플러그인으로 매개변수를 전달하는 것을 보여줍니다.

The following example shows how the param element can be used to pass a parameter to a plugin, in this case the O3D plugin.

<!DOCTYPE HTML>
<html lang="en">
  <head>
   <title>O3D Utah Teapot</title>
  </head>
  <body>
   <p>
    <object type="application/vnd.o3d.auto">
     <param name="o3d_features" value="FloatingPointTextures">
     <img src="o3d-teapot.png"
          title="3D Utah Teapot illustration rendered using O3D."
          alt="When O3D renders the Utah Teapot, it appears as a squat
          teapot with a shiny metallic finish on which the
          surroundings are reflected, with a faint shadow caused by
          the lighting.">
     <p>To see the teapot actually rendered by O3D on your
     computer, please download and install the <a
     href="http://code.google.com/apis/o3d/docs/gettingstarted.html#install">O3D plugin</a>.</p>
    </object>
    <script src="o3d-teapot.js"></script>
   </p>
  </body>
</html>

이 섹션에서 문맥이라 함은 브라우징 문맥browsing context을 말합니다. 돌아가기