HTML sandbox Attribute
Definition and Usage
The sandbox
attribute enables an extra set of
restrictions for the content in an iframe.
When the sandbox
attribute is present, and it will:
- treat the content as being from a unique origin
- block form submission
- block script execution
- disable APIs
- prevent links from targeting other browsing contexts
- prevent content from using plugins (through <embed>, <object>, <applet>, or other)
- prevent the content to navigate its top-level browsing context
- block automatically triggered features (such as automatically playing a video or automatically focusing a form control)
The value of the sandbox
attribute can either be just sandbox (then all
restrictions are applied), or a space-separated list of pre-defined values that
will REMOVE the particular restrictions.
Applies to
The sandbox
attribute can be used on the following element:
Element | Attribute |
---|---|
<iframe> | sandbox |
Example
An <iframe> with extra restrictions:
<iframe src="demo_iframe_sandbox.htm" sandbox></iframe>
Try it Yourself »
Browser Support
The numbers in the table specify the first browser version that fully supports the attribute.
Attribute | |||||
---|---|---|---|---|---|
sandbox | 4.0 | 10.0 | 17.0 | 5.0 | 15.0 |