Docs Editor Model/Schema Cases Scenarios Tips Playground Coverage

Iframe Node Type

Category: Media • Detailed implementation guide with view integration notes

Schema Definition

Schema definition for the Iframe node type: 

{
  iframe: {
    group: 'block',
    attrs: {
      src: { default: '' },
      width: { default: null },
      height: { default: null },
      allowfullscreen: { default: false }
    }
  }
}

Model Representation

Example model representation: 

{
  type: 'iframe',
  attrs: {
    src: 'https://example.com/embed',
    width: 800,
    height: 600,
    allowfullscreen: true
  }
}

HTML Serialization

Converting model to HTML: 

function serializeIframe(node) {
  const attrs = {};
  if (node.attrs.src) attrs.src = escapeHtml(node.attrs.src);
  if (node.attrs.width) attrs.width = node.attrs.width;
  if (node.attrs.height) attrs.height = node.attrs.height;
  if (node.attrs.allowfullscreen) attrs.allowfullscreen = true;
  return '<iframe' + serializeAttrs(attrs) + '></iframe>';
}

HTML Deserialization

Parsing HTML to model: 

function parseIframe(domNode) {
  return {
    type: 'iframe',
    attrs: {
      src: domNode.getAttribute('src') || '',
      width: parseInt(domNode.getAttribute('width')) || null,
      height: parseInt(domNode.getAttribute('height')) || null,
      allowfullscreen: domNode.hasAttribute('allowfullscreen')
    }
  };
}

View Integration

View Integration Notes: Pay special attention to contenteditable behavior, selection handling, and event management when implementing this node type in your view layer.

View integration code: 

// Rendering iframe
const iframe = document.createElement('iframe');
iframe.src = node.attrs.src;
if (node.attrs.width) iframe.width = node.attrs.width;
if (node.attrs.height) iframe.height = node.attrs.height;
iframe.allowFullscreen = node.attrs.allowfullscreen === true;
iframe.contentEditable = 'false'; // Iframes are not editable

Common Issues

Common Pitfalls: These are issues frequently encountered when implementing this node type. Review carefully before implementation.

Common issues and solutions: 

// Issue: XSS security
// Solution: Validate and sanitize src URLs
function validateIframeSrc(src) {
  const allowedDomains = ['youtube.com', 'vimeo.com'];
  try {
    const url = new URL(src);
    return allowedDomains.some(domain => url.hostname.includes(domain));
  } catch {
    return false;
  }
}

// Issue: Sandbox attributes
// Solution: Use sandbox for security
iframe.setAttribute('sandbox', 'allow-scripts allow-same-origin');

// Issue: Responsive iframes
// Solution: Use responsive wrapper
function makeIframeResponsive(iframe) {
  const wrapper = document.createElement('div');
  wrapper.className = 'iframe-wrapper';
  wrapper.style.position = 'relative';
  wrapper.style.paddingBottom = '56.25%'; // 16:9
  iframe.style.position = 'absolute';
  iframe.style.width = '100%';
  iframe.style.height = '100%';
  wrapper.appendChild(iframe);
  return wrapper;
}

Implementation

Complete implementation example: 

class IframeNode {
  constructor(attrs) {
    this.type = 'iframe';
    this.attrs = {
      src: attrs?.src || '',
      width: attrs?.width || null,
      height: attrs?.height || null,
      allowfullscreen: attrs?.allowfullscreen === true
    };
  }
  
  toDOM() {
    const iframe = document.createElement('iframe');
    Object.assign(iframe, this.attrs);
    return iframe;
  }
  
  static fromDOM(domNode) {
    return new IframeNode({
      src: domNode.getAttribute('src') || '',
      width: parseInt(domNode.getAttribute('width')) || null,
      height: parseInt(domNode.getAttribute('height')) || null,
      allowfullscreen: domNode.hasAttribute('allowfullscreen')
    });
  }
}