[whatwg] Iframe Sandbox Attribute - allow-plugins?

Adam Barth w3c at adambarth.com
Wed Jul 13 13:31:19 PDT 2011


Adding allow-plugins today would defeat the prevention of parent redirection.

The short answer is we need an API for informing plugins of the
sandbox flags and a way of confirming that the plugins understand
those bits before we can allow plugins inside sandboxed frames.

Adam


On Wed, Jul 13, 2011 at 12:53 PM, John Richards
<johnmrrichards at gmail.com> wrote:
> http://www.whatwg.org/specs/web-apps/current-work/multipage/the-iframe-element.html#attr-iframe-sandbox
>
> Are there plans to have an 'allow-plugins' value?
>
> I'm assuming there will be use-cases where the only protection that is
> desired is prevention of parent redirection.
>
> Thanks
>


More information about the whatwg mailing list