A user account is required in order to edit this wiki, but we've had to disable public user registrations due to spam.

To request an account, ask an autoconfirmed user on Chat (such as one of these permanent autoconfirmed members).

Difference between revisions of "Iframe Sandbox"

From WHATWG Wiki
Jump to navigation Jump to search
(added comments from Adam and Maciej in email, documented in section to keep the sandbox attribute)
Line 22: Line 22:
* -1 [http://lists.whatwg.org/htdig.cgi/whatwg-whatwg.org/2010-August/027485.html Adam Barth]
* -1 [http://lists.whatwg.org/htdig.cgi/whatwg-whatwg.org/2010-August/027485.html Adam Barth]
* -1 [http://lists.whatwg.org/htdig.cgi/whatwg-whatwg.org/2010-August/027491.html Maciej Stachowiak]
* -1 [http://lists.whatwg.org/htdig.cgi/whatwg-whatwg.org/2010-August/027491.html Maciej Stachowiak]
* ...

== why sandbox should be kept ==
== why sandbox should be kept ==

Revision as of 20:16, 3 August 2010

This article is a stub. You can help the whatwg.org wiki by expanding it.

iframe sandbox attribute

This page is for collecting issues and proposals related to the new <iframe> sandbox attribute.

proposal drop sandbox attribute

The new 'sandbox' feature on <iframe> should be considered for removal.

In speaking with fellow developers at Mozilla, I've collected the following feedback:

  • The sandbox feature and functionality needs a thorough security review.
  • It will be a lot of work to implement properly.
  • It may not actually solve the problem it is intending to solve.

Tantek 01:56, 2 August 2010 (UTC)

opinions and discussion

why sandbox should be kept

implementation experience

Per Maciej, support for the new 'sandbox' feature on <iframe> is "shipping in current versions of Safari and Chrome."

The initial patch implementing it for WebKit can be seen here: http://trac.webkit.org/changeset/51577.

This patch was 100k, but more than half of it is tests and the ChangeLog entry.


"There's been a lot of security review, both on this list and in the W3C HTML WG. I've been meaning to write up a summary of all the discussion, but I haven't gotten around to it yet. We ended up tweaking a few aspects, but generally the design seems solid." — Adam Barth 2010-08-01

Also from Maciej: Security experts have reviewed it (which security experts? links?). 'sandbox' itself seems pretty solid, although there are possibly issues with related features such as text/html-sandboxed and 'seamless' attribute.

While more security review is always welcome, it seems like the basic idea is solid, and it's demonstrably implementable.

examples in the wild

Per Maciej, Content has been built using it.

Which content? URLs to examples in the wild?

use cases

Per Maciejj, while it's unclear if <iframe sandbox> will work well for comments or other such cases of seamless untrusted content, it seems clearly useful for use cases like:

  • gadgets
  • ads

Examples? Could someone provide code examples of how <iframe sandbox> could be used for gadgets or ads or other use cases?