HTMLIFrameElement:sandbox 属性

Baseline Widely available

This feature is well established and works across many devices and browser versions. It’s been available across browsers since July 2015.

HTMLIFrameElement 接口的 sandbox 只读属性返回表示对嵌套内容行为的限制的 DOMTokenList

它表示 <iframe> 元素的 sandbox 属性。

DOMTokenList。每项必须是 <iframe> 元素的 sandbox 属性列出的令牌之一。

示例

html
<iframe
  id="el"
  title="example"
  src="https://example.com"
  sandbox="allow-same-origin allow-scripts"></iframe>
js
const el = document.getElementById("el");
console.log(Array.from(el.sandbox)); // 输出:["allow-same-origin", "allow-scripts"]

el.sandbox = "";
console.log(Array.from(el.sandbox)); // 输出:[]

规范

Specification
HTML
# dom-iframe-sandbox

浏览器兼容性

Report problems with this compatibility data on GitHub
desktopmobile
Chrome
Edge
Firefox
Opera
Safari
Chrome Android
Firefox for Android
Opera Android
Safari on iOS
Samsung Internet
WebView Android
WebView on iOS
sandbox

Legend

Tip: you can click/tap on a cell for more information.

Full support
Full support
See implementation notes.