HTMLIFrameElement: sandbox property
Baseline Widely available
This feature is well established and works across many devices and browser versions. It’s been available across browsers since July 2015.
The sandbox
read-only property of the HTMLIFrameElement
interface returns a DOMTokenList
indicating extra restrictions on the behavior of the nested content.
It reflects the sandbox
attribute of the <iframe>
element.
Value
A DOMTokenList
. Each item must be one of the tokens listed in the sandbox
attribute of the <iframe>
element.
Examples
html
<iframe
id="el"
title="example"
src="https://example.com"
sandbox="allow-same-origin allow-scripts"></iframe>
js
const el = document.getElementById("el");
console.log(Array.from(el.sandbox)); // Output: ["allow-same-origin", "allow-scripts"]
el.sandbox = "";
console.log(Array.from(el.sandbox)); // Output: []
Specifications
Specification |
---|
HTML Standard # dom-iframe-sandbox |
Browser compatibility
Report problems with this compatibility data on GitHubdesktop | mobile | |||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|
sandbox |
Legend
Tip: you can click/tap on a cell for more information.
- Full support
- Full support
- See implementation notes.
The compatibility table on this page is generated from structured data. If you'd like to contribute to the data, please check out https://github.com/mdn/browser-compat-data and send us a pull request.