Iframes vs embedded assets - On Premises R2020

Design guidelines for complex HTML5 assets in Author-it

By default Author-it will insert HTML5 assets into an iframe.  Iframes provide a level of security between the course and the asset, but cause issues with sizing and responsive behaviour.  As an alternative to the iframe it is possible to use the <embedjs> tag to insert the HTML5 asset directly into the page which allows for better size control and for a responsive asset to check the user’s device and respond accordingly.  However, an embedded asset can create a security risk and the Author-it user should independently validate the asset’s code before using the <embedjs> option.  Finally, for some outputs the asset can be displayed in a modal window which allows for size checking and responsive behaviour.