HTML sandbox attribute

sandbox attribute applies a set of restrictions for security reasons on the content in an iframe.

<iframe src="files/demo.html" height="500" width="500" sandbox>
</iframe>
</>

sandbox attribute blocks forms, pointer-lock, popups, scripts and top navigation. It also disables the annoying APIs. sandbox attribute secures the plugins in an iframe.

Attribute values

All possible values of sandbox attribute

The values of this attribute are unique space separated tokens.

forms

forms value allows forms in an iframe.

<iframe src="files/demo.html" width="400" height="400" sandbox="allow-forms"></iframe>

pointer-lock

pointer-lock value allows pointer lock API in an iframe.

<iframe src="files/demo.html" width="400" height="400" sandbox="allow-pointer-lock" ></iframe>

popups

allow-popups value allows popups in the iframe.

<iframe src="files/demo.html" width="400" height="400" sandbox="allow-popups"></iframe>

scripts

allow-scripts value allows script in the iframe.

<iframe src="files/demo.html" width="400" height="400" sandbox="allow-scripts"></iframe>

scripts

allow-scripts value allows script in the iframe.

<iframe src="files/demo.html" width="400" height="400" sandbox="allow-scripts"></iframe>

Related Tags

The tags that support sandbox attribute

<iframe> tag

Iframe defines an iframe that borwses the other content (pages, images, video, audio).



Was this article helpful?