[whatwg] Modifying iframe sandbox attributes

Tim Streater tim at clothears.org.uk
Mon Apr 22 10:26:00 PDT 2013

I need to add/remove the allow-scripts attribute to/from an iframe sandbox, since I use one frame for two purposes (sometimes with untrusted content, other times with my own content that uses JavaScript). I've tried the following:

iframePtr.sandbox = "allow-popups allow-same-origin allow-scripts";


iframePtr.sandbox = "allow-popups allow-same-origin";

This doesn't appear to work in Safari 6.0.4. Is this the right syntax? Is such a possibility even implemented yet.

Cheers  --  Tim

More information about the whatwg mailing list