An <iframe> with extra restrictions:
More "Try it Yourself" examples below.
The sandbox attribute enables an extra set of restrictions for the content in the iframe.
When the sandbox attribute is present, and it will:
The value of the sandbox attribute can either be just sandbox (then all restrictions are applied), or a space-separated list of pre-defined values that will REMOVE the particular restrictions.
The numbers in the table specify the first browser version that fully supports the attribute.
The sandbox attribute is new in HTML5.
|(no value)||Applies all restrictions|
|allow-forms||Re-enables form submission|
|allow-same-origin||Allows the iframe content to be treated as being from the same origin|
|allow-top-navigation||Allows the iframe content to navigate its top-level browsing context|
An <iframe> sandbox allowing form submission:
An <iframe> sandbox allowing scripts and access to server content: