The site you're trying to load has either set the
X-Frame-Options[
^] header, or has sent a content security policy (CSP) with the
frame-ancestors[
^] directive, both of which will instruct all modern browsers to prohibit loading the site in an
<iframe>
.
In the case of Yahoo, it's sending:
X-Frame-Options: SAMEORIGIN
which means only pages hosted on the
yahoo.com
domain can load other
yahoo.com
pages in an
<iframe>
.
This is generally done for security reasons. There is no way for an HTML page to bypass this.