[whatwg] Modifying iframe sandbox attributes
Ian Hickson
ian at hixie.ch
Wed Jul 24 11:05:53 PDT 2013
On Mon, 22 Apr 2013, Tim Streater wrote:
>
> I need to add/remove the allow-scripts attribute to/from an iframe
> sandbox, since I use one frame for two purposes (sometimes with
> untrusted content, other times with my own content that uses
> JavaScript). I've tried the following:
>
> iframePtr.sandbox = "allow-popups allow-same-origin allow-scripts";
>
> and:
>
> iframePtr.sandbox = "allow-popups allow-same-origin";
>
> This doesn't appear to work in Safari 6.0.4. Is this the right syntax?
> Is such a possibility even implemented yet.
It should work. Make sure you set them before you navigate the iframe,
though.
--
Ian Hickson U+1047E )\._.,--....,'``. fL
http://ln.hixie.ch/ U+263A /, _.. \ _\ ;`._ ,.
Things that are impossible just take longer. `._.-(,_..'--(,_..'`-.;.'
More information about the whatwg
mailing list