THE WORLD'S LARGEST WEB DEVELOPER SITE
HTMLCSSJAVASCRIPTSQLPHPBOOTSTRAPJQUERYANGULARXML
TUTORIALS REFERENCES EXAMPLES
 

HTML <iframe> sandbox Attribute

HTML iframe Tag Reference HTML <iframe> tag

Example

An <iframe> with extra restrictions:

<iframe src="demo_iframe_sandbox.htm" sandbox></iframe>
Try it yourself »

More "Try it Yourself" examples below.

Definition and Usage

The sandbox attribute enables an extra set of restrictions for the content in the iframe.

When the sandbox attribute is present, and it will:

  • treat the content as being from a unique origin
  • block form submission
  • block script execution
  • disable APIs
  • prevent links from targeting other browsing contexts
  • prevent content from using plugins (through <embed>, <object>, <applet>, or other)
  • prevent the content to navigate its top-level browsing context
  • block automatically triggered features (such as automatically playing a video or automatically focusing a form control)

The value of the sandbox attribute can either be just sandbox (then all restrictions are applied), or a space-separated list of pre-defined values that will REMOVE the particular restrictions.

Browser Support

The numbers in the table specify the first browser version that fully supports the attribute.

Attribute
sandbox 4.0 10.0 17.0 5.0 15.0

Differences Between HTML 4.01 and HTML5

The sandbox attribute is new in HTML5.

Syntax

<iframe sandbox="value">

Attribute Values

Value Description
(no value) Applies all restrictions
allow-forms Re-enables form submission
allow-pointer-lock Re-enables APIs
allow-popups Re-enables popups
allow-same-origin Allows the iframe content to be treated as being from the same origin
allow-scripts Re-enables scripts
allow-top-navigation Allows the iframe content to navigate its top-level browsing context
Examples

More Examples

Example

An <iframe> sandbox allowing form submission:

<iframe src="demo_iframe_sandbox_form.htm" sandbox="allow-forms"></iframe>
Try it yourself »

Example

An <iframe> sandbox allowing scripts and access to server content:

<iframe src="demo_iframe_sandbox_origin.htm" sandbox="allow-same-origin allow-scripts"></iframe>
Try it yourself »
HTML iframe Tag Reference HTML <iframe> tag
PRINT PAGE
ABOUT

Top 10 Tutorials

HTML Tutorial
CSS Tutorial
JavaScript Tutorial
W3.CSS Tutorial
Bootstrap Tutorial
SQL Tutorial
PHP Tutorial
jQuery Tutorial
Angular Tutorial
XML Tutorial

Top 10 References

HTML Reference
CSS Reference
JavaScript Reference
W3.CSS Reference
Browser Statistics
PHP Reference
HTML Colors
HTML Character Sets
jQuery Reference
AngularJS Reference

Top 10 Examples

HTML Examples
CSS Examples
JavaScript Examples
W3.CSS Examples
HTML DOM Examples
PHP Examples
jQuery Examples
ASP Examples
XML Examples
SVG Examples

Web Certificates

HTML Certificate
HTML5 Certificate
CSS Certificate
JavaScript Certificate
jQuery Certificate
PHP Certificate
Bootstrap Certificate
XML Certificate
W3Schools is optimized for learning, testing, and training. Examples might be simplified to improve reading and basic understanding. Tutorials, references, and examples are constantly reviewed to avoid errors, but we cannot warrant full correctness of all content. While using this site, you agree to have read and accepted our terms of use, cookie and privacy policy. Copyright 1999-2016 by Refsnes Data. All Rights Reserved.
Powered by W3.CSS.

W3Schools.com