Last updated March 9, 2012. Created on March 21, 2011.
Edited by stongo. Log in to edit this page.

Documentation for 7.x-2.x coming soon

External iFrame opens external links in an iframe with a simple banner consisting of your logo and a button to close the banner and leave your site. This module treats all absolute links outside of your site's domain and sub-domains as external links.
Each link is validated on the external iframe page and a cookie is set so a user can return to the page (from a bookmark for example) for a period of time without encountering a "link not trusted" message. The time period for which a link is trusted is configurable in the module settings.

To install module:
1) Extract module files to /sites/all/modules
2) Enable module in the drupal administrative interface
3) Edit user permissions and give necessary access for External iFrame administration
4) Configure how long external links remain trusted in the External iFrame settings page (D6: /admin/settings/externaliframe, D7: admin/config/externaliframe)
5) That's it! You're off to the races.
6) To exclude any external links from being handled by this module, give the "a" tag a class of "external-nofollow" ie. <a href="" class="external-nofollow">

Customizing the template:
1) Copy external.tpl.php (D7: page--external.tpl.php) to your theme
2) Edit as necessary

Possible Problems
1) If you are installing this module on a localhost setup, the url rewriting might not work properly. If you are accessing your site at http://localhost:8989/foobar you will have to change js/external_iframe.js on line 21 (Drupal 7):

-       var appendUrl = '/external?url=';
+       var appendUrl = '/foobar/external?url=';

A better option is to configure a virtual host on your local setup and access the site like http://foobar.loc:8989/ for example

- This module considers any link outside your domain and sub-domains as external links
- Because of link validation you cannot send the full external link url to your friends. A share this feature is expected in the next release.
- Ignores https links

Looking for support? Visit the forums, or join #drupal-support in IRC.


Hussein’s picture

So, how can I actually *use* it? how to actually use this module to put an iframe?

stongo’s picture

Just enable the module, and external links should start opening in an iframe with a simplistic site header on top. You can copy the external.tpl.php (d6) or page-external.tpl.php(d7) to your theme, and make any adjustments to the template you want. It will pick up all the page template variables.

POTHkoli’s picture

1. Enable Module = Done
2. From "admin/config/externaliframe" page
# Field "Select content types to enable external iframes on:"
- content type 'news' = Done
# Field "Enter parent container for where External Iframe should search for and rewrite external links"
- #post-content = Done
# Field "Add external iframe by class"
- '*' is default = Done
- Negate = Uncheck
# Field "Exclude Domains"
= [Default]
# Field "Days links remain trusted"
- '7' Default = Done

What's the wrong for me?

Please help me...

dhoover’s picture

Get the following Error?

Warning: array_unshift() [function.array-unshift]: The first argument should be an array in external_iframe_theme_registry_alter() (line 174

stongo’s picture

Can you please use the module's issue queue for this.

poneks01’s picture

The search results becomes external even if they are internal nodes. They open in iframes , how to prevent?

Drupal 7

adarksun’s picture

I tried this module several times to localhost project and webhost project. I just followed the instructions which are provided there. Does anyone sussfully deploy this extension. If yes, then would you please tell me what to do to implement this extension?

Mentionable i use this in Drupal 7.8 project and do the followings:

1. Install it
2. Enable the module

But its not working. If anybody can do, please help...

asaguiar’s picture


The module worked fine for me and is a great idea. But it has serious project flaws.

The most directly obvious use of this module is in menus. However, I haven't been able to figure a way to use the class="external-nofollow" in a menu item. In the editor it is not safe. Several websites do not allow browsing in frames. Facebook, for instance, will show a white screen of death when iframed. Horde will kick itself to the top frame.

It happens that:
1. it is not practical to test every url before posting (users would flee in panic :-D).
2. regular users do not know html/css (and do not want to know).
3. users that are html/css coders are unlikely to know the exact syntax to avoid iframes for a single website. And probably do not want to learn, and if they did once probably would not remember later.
4. regular users of websites in most cases (fortunately) do not even have access to full html editing: I and a huge crowd out there regard widespread power for coding inside the website a major breach in security.
5. the editor shows no warning about the need for the peculiar syntax.
6. automatic conversion of urls to links ignores the peculiar syntax.

Thus, the expected result is an unpredictable lot of malfunctioning or non functioning links withing user posts. This in not the kind of thing the users forgive. :-)

As far as I can see, only a small subset of menus would be well served by the module: links to websites that accept running in a frame. It does not seem to compensate for the risks in websites where users generate content.

IMHO, it would make things a lot better to leave links untouched by default and have the special syntax to force iframes. Only availabe to those who know how the website works and have access to full html/css editing power: admins.

I am sorry if I missed something. Am a newcomer to Drupal and have done my best reading docs and making tests.



Ankabout’s picture

I completely agree with Alexandre, the default should be not to touch links, and by adding an attribute it should work.

Ryan258’s picture

Since I first saw NetworkedBlogs first do their iFrame thing on Facebook I've really been wanting to try out an iFrame driven approach and this module seems to really be a great step in that direction. At the moment I'm up to my shoulders in page manager/panels/views wizardry but I was wondering if you could clear a couple things for me.

Have you experimented at all with adding Fivestar, FB/Social Media share buttons, or the site slogan to the site bar hanging over the iframe?

What I would like to do is have a content type (or maybe just its own entity of external source) that I could tie the ratings, launch a shared link that would send people to the page with my url+external url to send people to the page and included my top bar.

Are these things that you've tried out or do you see this being a relatively straightforward .tpl edit to accomplish?

I think a short write up on the considerations you take into implementing this module and things through your experience you've simply learned to avoid would really get this awesome module some much deserved fanfare. :)

stongo’s picture

Thanks for the great feedback!
There are several things I have in the works for a 2.0 release. I do plan on adding a Share button. With the current release you can copy over the template file included in the module to your theme, and customize it like any other page template.
Here's a general outline of new features I have planned. Any feedback and suggestions are welcome.

  1. better JS performance
  2. more advanced settings page for increased control of where/how external links are rewritten
    • Select content types to enable external iframes on
    • Add external iframe by link class
    • Define parent container (won't check and rewrite links outside container)
  3. create "share this" widget
walker2238’s picture

Any idea on when you plan to release a development version of 2.0?

emanueleb’s picture

Can you pre-test some new-features?

for example:

-insert selector for comments (only links in comments will be processing)

  $('body:not(#external) a[href^=http:]:not(.external-nofollow)').each(
      if(this.href.indexOf(host) == -1 && location.pathname.indexOf('external') == -1) {
        $(this).attr('href', function() {
          var currentUrl = $(this).attr('href');
          var newUrl = appendUrl + currentUrl;
          $(this).attr('href', newUrl);

How to hack this js code to insert another condition like #comments ?


stongo’s picture

The first line of what you pasted would be where to add the #comments selector.

$('body:not(#external) #comments a[href^=http:]:not(.external-nofollow)').each(

In the context of making the parent container a field in the admin settings, the code will become something like:

var selector = 'body:not(#external) ' + Drupal.settings.externaliframe.parent + 'a[href^=http:]:not(.external-nofollow)';
emanueleb’s picture

Thank you

adarksun’s picture

This is the only Drupal 7 module, which even I could not make it working. I tried all the steps mentioned above but failed. I tried this module about more than one year! Today, I tried all versions of the module to a new site(sited build on Drupal 7.14) but I failed!

I don't know whether anybody has success using this module. If anybody, plz tell us in detail how to use this module.


POTHkoli’s picture

Same problem I face...

help pls...

POTHkoli’s picture

I want to know, why you are publish module, that is not working. since you published it, give support if has any problem...

Dislike you...

dav0’s picture

I appreciate what you seem to be trying to do here, but I too have been trying to figure out what to do with this latest version of the module, as well as the previous one(s).

I suggest a small tutorial/example use with a code snippet.


dougal83’s picture

I just can't seem to get the 7.x-2.x-rc2 or 7.x-2.x-dev to show the admin page/config page. Is there a problem? I'll check back later as I'm not sure if it's me.

tomzoll’s picture

If external url =, url which is loaded into frame is: = without &arg2=2. How can i fix this?