HTML sandbox Attribute

HTML sandbox Attribute: This attribute defines an extra set of restrictions for the content in the iframe.

When the sandbox attribute is present, and it will:

  • treat the content as being from a unique origin
  • block form submission
  • block script execution
  • disable APIs
  • prevent links from targeting other browsing contexts
  • prevent content from using plugins (through <embed>, <object>, <applet>, or other)
  • prevent the content to navigate its top-level browsing context
  • block automatically triggered features (such as automatically playing a video or automatically focusing a form control)

HTML sandbox Attribute

If this attribute is present then it will treat the content as being from a unique origin, blocks form submission, disable API’s, block script execution, etc.  It can be applied on <iframe> element.

Browser Support

This attribute is supported by the following browsers:

  • Chrome-4.0
  • Internet Explorer-10.0
  • Firefox-17.0
  • Safari-5.0
  • Opera-15.0

Example: for <iframe> element

<!DOCTYPE html>
<html>
<body>
<iframe src="demo_iframe_sandbox.htm" sandbox>
  <p>Your browser does not support iframes.</p>
</iframe>
</body>
</html>

Output:

HTML sandbox attribute