Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

I Want to sandbox! ... again #5

Merged
merged 3 commits into from
Jul 29, 2019
Merged

I Want to sandbox! ... again #5

Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
b9566c6
I Want to `sandbox`!
Malvoz Jul 18, 2019
5d70142
Changing the file name
aarongustafson Jul 29, 2019
7cbe794
Minor editing
aarongustafson Jul 29, 2019
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
11 changes: 11 additions & 0 deletions wants/16.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
---
title: I want code distributors to advertise which `sandbox` features I can safely restrict
date: 2019-07-18T00:00:00.000Z
submitter: github.com/@Malvoz
tags:
- privacy
- security
- workflow
---

The [`sandbox`](https://html.spec.whatwg.org/multipage/iframe-embed-object.html#attr-iframe-sandbox) attribute allows developers to restrict web features of embedded content, such as `<iframe>`. This is a hard-to-utilize security feature because code distributors do not provide sufficient documentation on the APIs used, likely leading to broken embeds. I want to be able to `sandbox` away with confidence!