OutSystems iFrame pop-up
OutSystems UI

OutSystems pop-up internally use iFrame. But using iFrmae within application is security vulnerability, so why can't you make nice new popup in-order to improve the security. 

Hi Karnan,

Have you checked the Modal from Silk UI?

Have a look here: https://silkui.outsystems.com/Patterns_Web.aspx#Web_Content_Modal this might be what you are looking for.


Changed the category to

How is an iframe *to your own application* a security violation? An iframe to ANOTHER application? Sure, that can be a problem (though... really? iframes are treated as a separate window as far as JavaScript and DOM is concered... so even then... are iframes REALLY a security concern?). This feels more like someone is following a "security" checklist without asking "is this actually a security problem? What's the actual risk here?"


Changed the status to
on 01 May 2015


As Miguel mentioned, Silk UI Web provides a Modal pattern that is essentially a Popup with no usage of Iframes. This way developers are able to decide to use the one which better fits their use case.


Thanks everyone for the information!!

Actually we had developed an application which is using the Outsystems pop-up and it was working fine in thelower environment Dev/QA.  But when it goes to production there was an issue in pop-up and not working.  Then found that customer has blocked iFrame in their environment so it's not working, so looking for an alternate and created one custom pop-up.