HTML sandbox attribute

sandbox attribute applies a set of restrictions for security reasons on the content in an iframe.

Example


 <iframe src="files/demo.html" height="500" width="500" sandbox>
 </iframe>
Try </>

sandbox attribute blocks forms, pointer-lock, popus, scripts and top navigation. It also disables the annoying APIs. sandbox attribute secures the plugins in an iframe.

The above-given conditions can be removed by allowing them along with the sandbox attribute.

sandbox attribute values

The values of this attribute are unique space separated tokens.

Values of sandbox

forms

forms value allows forms in an iframe.

<iframe src="files/demo.html" width="400" height="400" sandbox="allow-forms"></iframe>

pointer-lock

pointer-lock value allows pointer lock API in an iframe.

<iframe src="files/demo.html" width="400" height="400" sandbox="allow-pointer-lock" ></iframe>

popups

allow-popups value allows popups in the iframe.

<iframe src="files/demo.html" width="400" height="400" sandbox="allow-popups"></iframe>

scripts

allow-scripts value allows script in the iframe.

<iframe src="files/demo.html" width="400" height="400" sandbox="allow-scripts"></iframe>

The scripting language is enabled for the sandbox iframe.

Related Tags

<iframe> tag

Iframe defines an iframe that borwses the other content (pages, images, video, audio).



Was this article helpful?

 

Email:

Message:

Get the newsletter