[whatwg] Iframe Sandbox Attribute - allow-plugins?
Adam Barth
w3c at adambarth.com
Wed Jul 13 13:31:19 PDT 2011
Adding allow-plugins today would defeat the prevention of parent redirection.
The short answer is we need an API for informing plugins of the
sandbox flags and a way of confirming that the plugins understand
those bits before we can allow plugins inside sandboxed frames.
Adam
On Wed, Jul 13, 2011 at 12:53 PM, John Richards
<johnmrrichards at gmail.com> wrote:
> http://www.whatwg.org/specs/web-apps/current-work/multipage/the-iframe-element.html#attr-iframe-sandbox
>
> Are there plans to have an 'allow-plugins' value?
>
> I'm assuming there will be use-cases where the only protection that is
> desired is prevention of parent redirection.
>
> Thanks
>
More information about the whatwg
mailing list