It's kinda the opposite actually. iframes didn't provide sufficient security to do the sort of things Google wanted to be able to do with them, so they had to design a new standard with better protections: https://github.com/WICG/portals/blob/master/explainer.md#why...