I browse with Javascript disabled by default, enabling it on a case-by-case basis. This is usually fine, but on occasion a website won’t work, and I realize it’s because some piece of content is in an iframe from another site. E.g. a chat component, an event invite, a social media post, or a video player. It’s never immediately apparent why it’s not working until I eventually inspect, see it’s an iframe, copy the source, open the source in a new tab, enable Javascript on that domain, close the tab, close the inspector, and reload the main page. That’s a lot of steps and requires some minor technical knowhow.
I want to propose adding a way to better identify and control Javascript settings for iframes. Some possibilities:
- In the browser bar site settings dropdown, below the Javascript switch, show indented list entries for every detected iframe domain with their own Javascript switches.
- Because a domain has more site settings than just Javascript, in the site settings dropdown, the bottom could show a list of iframe domains. Clicking one would drill down within the dropdown. You would then see site settings for that domain, with the option to click back to return to the host page’s site settings.
- Right-clicking in an iframe itself could give an option to view that domain’s site settings, either with the convenient dropdown or in the settings page. The downside of this is 1) discoverability, since it isn’t always apparent when content is in an iframe, and 2) some iframes are intentionally made tiny or invisible, so right-clicking in one may be impossible. For these reasons, this might be considered as an additional means of control rather than the primary means.
Additionally, some time-saving means of “enable Javascript in all iframes” would be a nice option, but I don’t think that should be the only means. Disabling Javascript is done by cautious people who would rather only enable it where necessary. e.g. I want to enable it in this embedded video player but not these 3 ad/tracking frames.