HTMLIFrameElement：sandbox 属性

Baseline Widely available

This feature is well established and works across many devices and browser versions. It’s been available across browsers since July 2015.

Learn more
See full compatibility
Report feedback

HTMLIFrameElement 接口的 sandbox 只读属性返回表示对嵌套内容行为的限制的 DOMTokenList。

它表示 <iframe> 元素的 sandbox 属性。

值

DOMTokenList。每项必须是 <iframe> 元素的 sandbox 属性列出的令牌之一。

示例

html

<iframe
  id="el"
  title="example"
  src="https://example.com"
  sandbox="allow-same-origin allow-scripts"></iframe>

const el = document.getElementById("el");
console.log(Array.from(el.sandbox)); // 输出：["allow-same-origin", "allow-scripts"]

el.sandbox = "";
console.log(Array.from(el.sandbox)); // 输出：[]

规范

Specification
HTML Standard # dom-iframe-sandbox

浏览器兼容性

BCD tables only load in the browser