Deprecated frame/frameset Tag Present
<frame> and <frameset> are removed from HTML5 — not supported in modern browsers, bad for SEO, and catastrophic for accessibility.
Why it matters
<frame> and <frameset> are removed from HTML5 — not supported in modern browsers, bad for SEO, and catastrophic for accessibility.
Address when convenient — notices usually mark a polish opportunity rather than a defect. Estimated SEO impact: high — direct effect on rankings or impressions.
How to fix
- Rewrite the page layout using CSS flexbox or grid
- Replace frameset navigation with CSS + a single page
- Migrate content to a modern component-based architecture
Common causes
If the rule is firing across many pages, the root cause is almost always one of these:
- Mixed-content sub-resources from before HTTPS migration that escaped the rewrite.
- CDN or upstream proxy strips a security header that was set at the origin.
- Legacy redirects send HTTPS traffic through HTTP first.
- Test/staging hostnames leak into production HTML via hard-coded URLs.
Anti-patterns to avoid
Even with the best intentions, these "fixes" make the issue worse — recognise them so you don't ship them:
- Mixed HTTP/HTTPS resources after migration.
- Self-signed or expired certificates on production.
- Long-lived secrets in client-rendered HTML or JS bundles.
How atlookup detects this
Our crawler renders each page with a real headless browser, then inspects HTTPS state, response headers, mixed content, and certificate validity. Pages where the rule fires for deprecated frame/frameset tag present are flagged on the report.
If you'd like to see this rule fire on your own site, run a free 60-second audit — every page is reported with the exact lines that triggered it.
Tools to verify the fix
Once you've applied the fix, double-check with these external validators:
- SSL Labs — Grades certificate + protocol configuration.
- securityheaders.com — Audits response headers against best practice.
Frequently asked questions
Why does Deprecated frame/frameset Tag Present matter for SEO?
<frame> and <frameset> are removed from HTML5 — not supported in modern browsers, bad for SEO, and catastrophic for accessibility.
How do I fix deprecated frame/frameset tag present?
Rewrite the page layout using CSS flexbox or grid Replace frameset navigation with CSS + a single page Migrate content to a modern component-based architecture
Is this a critical SEO issue?
Address when convenient — notices usually mark a polish opportunity rather than a defect. Estimated SEO impact: high — direct effect on rankings or impressions.
How does atlookup detect deprecated frame/frameset tag present?
Our crawler renders each page with a real headless browser, then inspects HTTPS state, response headers, mixed content, and certificate validity. Pages where the rule fires for deprecated frame/frameset tag present are flagged on the report.
How long does it take to fix?
5–15 minutes per page. Most teams batch similar issues across templates so the per-page time goes down at scale.
Related issues
FLASH_OBJECT_PRESENT
Flash Object on Page
Adobe Flash has been end-of-life since December 2020 — no browser runs it.
FORM_INSECURE_ACTION
Form Action Uses HTTP on HTTPS Page
A form that POSTs to an HTTP endpoint on an HTTPS page sends user data in the clear — a serious security and privacy failure.
MIXED_CONTENT_IFRAME
Mixed Content: HTTP iframe on HTTPS Page
HTTP iframes on HTTPS pages are blocked by modern browsers entirely — the embedded content simply does not render, breaking the user experience.
MIXED_CONTENT_SCRIPT
Mixed Content: HTTP Script on HTTPS Page
HTTP scripts on HTTPS pages are blocked by all modern browsers — the script never runs, often breaking analytics, widgets, or core functionality.