Trc4 I don't think Firefox should be blocking iframes unless your site has a Content Security Policy header that disallows it or the iframe points to an insecure page (http from https). I'm sure there's other scenarios (such as the destination site itself disallowing embed) but it is likely different depending on what you're trying to use an iframe for.
HendyTurtle Looks like someone above recommended using an iframe with a JS tag inside srcdoc
. Not sure if that'll work.
A more reliable version that wouldn't need iframes would be custom web components (though this is way more complex). Creating a web component in a script tag in head
and then using it in the fof page so that it calls that original code, for example. This would make sure the code always runs as intended, no matter how the page loaded.