Menu
Since Chrome 46 it is needed to add the 'allow-modals' flag to the sandbox attribute of an iframe to allow modals (like alert and confirm) to break out of the iframe. No problem so far.
But when you run that code in browsers that do not yet support the flag (like Safari or Chrome before version 46) you get the following error: Error while parsing the 'sandbox' attribute: 'allow-modals' is an invalid sandbox flag.
Anybody an idea how to fix this without some kind of browser sniffing?
995
The sandbox attribute enables an extra set of restrictions for the content in the iframe. When the sandbox attribute is present, and it will: treat the content as being from a unique origin. block form submission.
allow-scripts allows JavaScript execution, and also allows features to trigger automatically (as they'd be trivial to implement via JavaScript). allow-top-navigation allows the document to break out of the frame by navigating the top-level window.
An embed enables you to include a sandbox in your documentation, blog post, or website using an iframe, or anywhere with Embedly support, like Medium, Reddit, Trello, and Notion. You can show just the code, the preview, or both at the same time.
Seems like the only way to add it is retroactively, via JS.
function allowModals(){
for (const i of document.getElementsByTagName('iframe')) {
if (!i.sandbox.supports('allow-modals')) {
console.warn("Your browser doesn't support the 'allow-modals' attribute :(");
break;
}
if (i.sandbox.contains('allow-modals')) continue;
console.info(i, "doesn't allow modals");
i.sandbox.add('allow-modals');
console.info(i, 'now allows modals');
}
}<button onclick='allowModals()' style='display: block'>Allow modals</button>
<iframe src="//example.com"></iframe>Seems awfully strange that a new attribute value can't be used in older browsers. Backwards-incompatible changes aren't the way the web should work. :/
130
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
