- From: <bugzilla@jessica.w3.org>
- Date: Thu, 23 Jun 2011 18:19:42 +0000
- To: public-html-bugzilla@w3.org
http://www.w3.org/Bugs/Public/show_bug.cgi?id=13032 Summary: "allow-plugins" option for iframe sandbox attribute Product: HTML WG Version: unspecified Platform: PC OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: HTML5 spec (editor: Ian Hickson) AssignedTo: ian@hixie.ch ReportedBy: shane@eznettools.com QAContact: public-html-bugzilla@w3.org CC: mike@w3.org, public-html-wg-issue-tracking@w3.org, public-html@w3.org I propose that an "allow-plugins" option be added for the iframe sandbox attribute similar to the "allow-scripts" and "allow-forms" options. When included in the sandbox attribute value, the nested browsing context would be allowed to instantiate plugins. The specification text should be changed from: "The sandboxed plugins browsing context flag" to: "The sandboxed plugins browsing context flag, unless the sandbox attribute's value, when split on spaces, is found to have the allow-plugins keyword set" I am currently working on a kiosk application and want to prevent content rendered in an iframe from being able to open new windows or tabs that are outside of the control of the kiosk application. The sandbox attribute (when fully supported) seems like a perfect solution, except that many of the sandboxed pages (which may be out of our control) will have flash content. I realize that allowing plugins in sandboxed iframes opens a wide hole, potentially making the sandbox completely ineffective. However, for my use case I do not think the risk is that severe. I have a certain amount of control over what pages are navigated to. I also have control over which plugins are installed. I am more concerned with window.open and the target attribute than I am with flash or a quicktime video doing something malicious. In short I would like to be able to do something like: sandbox="allow-scripts allow-forms allow-plugins" to allow the sandboxed page to render fully (including flash and other plugin-based content), while still preventing the common methods of opening new windows/tabs. Even with the security risk, I believe the option should available so the developer can make the determination. Thank you for your consideration. -- Configure bugmail: http://www.w3.org/Bugs/Public/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the QA contact for the bug.
Received on Thursday, 23 June 2011 18:19:43 UTC