...
Since these two things are out of scope of the standard, it's difficult to speak in absolutes about this issue. However, understanding the constraints of implementing a SLO interface, it is likely that many, if not most, SLO experiences are managed by the IdP and implemented using hidden iframes because that's the only obvious way to implement a large number of interactions with an unbounded set of third party sites (the SPs). Most Additionally, many SPs and applications require access to the cookie state between the SP and the browser to implement a logout.
...