HTML sandbox Attribute

Definition and Usage

The sandbox attribute enables an extra set of restrictions for the content in an iframe.

When the sandbox attribute is present, and it will:

  • treat the content as being from a unique origin
  • block form submission
  • block script execution
  • disable APIs
  • prevent links from targeting other browsing contexts
  • prevent content from using plugins (through <embed>, <object>, <applet>, or other)
  • prevent the content to navigate its top-level browsing context
  • block automatically triggered features (such as automatically playing a video or automatically focusing a form control)

The value of the sandbox attribute can either be just sandbox (then all restrictions are applied), or a space-separated list of pre-defined values that will REMOVE the particular restrictions.

Applies to

The sandbox attribute can be used on the following element:

Element Attribute
<iframe> sandbox


An <iframe> with extra restrictions:

<iframe src="demo_iframe_sandbox.htm" sandbox></iframe>
Try it Yourself »

Browser Support

The numbers in the table specify the first browser version that fully supports the attribute.

sandbox 4.0 10.0 17.0 5.0 15.0