Jump to content

Topic on Extension talk:EmbedScript/Flow

Iframe sandbox attribute

2
Jeblad (talkcontribs)

There is a new iframe sandbox attribute that can be used to even further limit the code. There are also a blogpost at MSDN discussing this feature. Jeblad (talk) 15:36, 24 February 2012 (UTC)

Brooke Vibber (talkcontribs)

I'm starting this project back up; following up on some old comments. :)

Yeah, looks like sandbox="allow-scripts" may be what we want; disables some things but still allows scripting. I'll want to make sure that doesn't break the postMessage though...

Reply to "Iframe sandbox attribute"