Menu
I've got an empty iframe and a button:
<input type="button" name="B1" value="google"
onclick="frames['IFrameName1'].location.href='https://www.google.com/'">
But (besides .location.href) i need to set the attribute sandbox="allow-forms allow-scripts allow-same-origin, because the framed site "deframes". How to set location AND sandbox?
673
The sandbox attribute enables an extra set of restrictions for the content in the iframe. When the sandbox attribute is present, and it will: treat the content as being from a unique origin. block form submission.
Sandboxed JavaScript is a simplified subset of the JavaScript language that provides a safe way to execute arbitrary JavaScript logic from Google Tag Manager's custom templates. To provide a safe execution environment, some features of JavaScript are restricted or removed.
It's called the sandbox attribute. Just adding the sandbox attribute is enough to severely lock down an iframe. With this attribute set, the document inside the iframe cannot do any of the following: Run any JavaScript, even if it would only affect contents of the iframe.
While you can set the iframe.sandbox property as a string, it's technically a DOMTokenList interface, so you can also add() and remove() single tokens:
let myIframe = document.createElement('iframe');
myIframe.sandbox.add('allow-scripts');
myIframe.sandbox.toggle('allow-forms');
console.log(myIframe.sandbox.toString())
// Returns: "allow-scripts allow-forms"
console.log(myIframe.outerHTML)
// Returns: <iframe sandbox="allow-scripts allow-forms"></iframe>
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
