HTML sandbox Attribute: This attribute defines an extra set of restrictions for the content in the iframe.
When the sandbox attribute is present, and it will:
- treat the content as being from a unique origin
- block form submission
- block script execution
- disable APIs
- prevent links from targeting other browsing contexts
- prevent content from using plugins (through <embed>, <object>, <applet>, or other)
- prevent the content to navigate its top-level browsing context
- block automatically triggered features (such as automatically playing a video or automatically focusing a form control)
HTML sandbox Attribute
If this attribute is present then it will treat the content as being from a unique origin, blocks form submission, disable API’s, block script execution, etc. It can be applied on <iframe> element.
This attribute is supported by the following browsers:
- Internet Explorer-10.0
Example: for <iframe> element
<!DOCTYPE html> <html> <body> <iframe src="demo_iframe_sandbox.htm" sandbox> <p>Your browser does not support iframes.</p> </iframe> </body> </html>