iframe sandbox Attribute - HTML CSS HTML Tag

Description

The sandbox attribute enables an extra set of restrictions for the content in the iframe.

When the sandbox attribute is present, and it will:

• treat the content as being from a unique origin
• block form submission
• block script execution
• disable APIs
• prevent links from targeting other browsing contexts
• prevent content from using plugins (<embed>, <object>, <applet>, or other)
• prevent the content to navigate its top-level browsing context
• block automatically triggered features

The value of the sandbox attribute can either be just sandbox, or a space-separated list of pre-defined values that will REMOVE the particular restrictions.

Attribute Values

Value	Description
(no value)	Applies all restrictions
allow-forms	Re-enables form submission
allow-pointer-lock	Re-enables APIs
allow-popups	Re-enables popups
allow-same-origin	Allows the iframe content to be treated as being from the same origin
allow-scripts	Re-enables scripts
allow-top-navigation	Allows the iframe content to navigate its top-level browsing context

An <iframe> with extra restrictions:

Demo Code

<!DOCTYPE html>
<html>
<body>

<iframe src="demo_iframe_sandbox.htm" sandbox>
  <p>Your browser does not support iframes.</p>
</iframe><!--from w  ww  . j a  va 2  s .c om-->

</body>
</html>

• Previous
• Next

Related Tutorials

• <iframe>
• iframe height Attribute
• iframe name Attribute
• iframe sandbox Attribute - An <iframe> sandbox allowing form submission:
• iframe sandbox Attribute - An <iframe> sandbox allowing scripts and access to server content: