As part of my work on Qliqa, I bumped in to the fact that Facebook blocks embedding itself in HTML frames, instead it provides the Facebook logo and a link to the location you tried reaching.
Today, during a routine check on some updates, I realized that the a link on our test site that points to a Youtube video shows a generic non-same-origin-frame-blocked error with a link to the original address of the iframe. Although blocking framing ruins a lot of my plans, yet I understand their choice, as a webmaster I know that there is more then one reason to block framing your website.
But, here is the thing, Facebook didn’t block framing with a general HTTP header, they provided their own error page, its a clear fail-safe choice, Youtube on the other hand chose to block it by setting a header ordering the browser to block embedding the content if it is not originated from the same domain.
Now, the funny thing is, that for some reason the Webkit engine does not supply a Same-Origin error page, Webkit is used in Safari, Chrome and more, while I’ll know that Facebook is blocking their content, If I would have been using Chrome and trying to access a Youtube link from StumbleUpon, I would never know why the content is blank.
Frame it or not, no UI is not always the best UI…