Why are the <frame> and <frameset> tags not supported in HTML5?

Yes very, very evil to add to Mario Laurisch's answer. When combined with social engineering, attackers can perform something called "Cross Frame Scripting" CFS, where users may believe the page to be legitimate but has bad intent, stealing vital data from them. There's ways to break out of a frame/window with JavaScript code however, just use embed as stated by Mario. if (window.top !== window.self){ location.href = "http://your-website.com"; // or location.href = window.self; }