Enumeration of the supported sandbox options for the iframe.

Enumeration Members

allow-forms: 0

Allows form submissions.

allow-modals: 6

Allows the embedded browsing context to open modal windows.

allow-orientation-lock: 7

Allows the embedded browsing context to disable the ability to lock the screen orientation.

allow-pointer-lock: 2

Allows pointer lock.

allow-popups: 1

Allows popups, such as window.open(), showModalDialog(), target=”_blank”, etc.

allow-popups-to-escape-sandbox: 8

Allows a sandboxed document to open new windows without forcing the sandboxing flags upon them. This will allow, for example, a third-party advertisement to be safely sandboxed without forcing the same restrictions upon a landing page.

allow-presentation: 9

Allows embedders to have control over whether an iframe can start a presentation session.

allow-same-origin: 3

Allows the document to maintain its origin. Pages loaded from https://example.com/ will retain access to that origin’s data.

allow-scripts: 4

Allows JavaScript execution. Also allows features to trigger automatically (as they’d be trivial to implement via JavaScript).

allow-top-navigation: 5

Allows the document to break out of the frame by navigating the top-level window.

allow-top-navigation-by-user-activation: 10

Allows the embedded browsing context to navigate (load) content to the top-level browsing context only when initiated by a user gesture. If this keyword is not used, this operation is not allowed.