(work in progress)

Problem Summary

HTML5 defines a "sandbox" mode for <iframe>, which disables certain features, such as scripting, form submission, and plugins. For some of these, such as scripting, an opt-in feature is available, but there is none for plugins.

Existing Discussion and Documentation

HTML5 iframe element [1]

HTML WG discussion thread on public-html [2]

API Requirements

  • It should be possible to find out, as early as possible, whether the plugin knows about sandboxing
    • Q: not sure whether this needs to be possible before Initialization
  • We need to be able to pass the various "opt-out" switches into the plugin instance
    • Q: does this need to happen at instantiation, or is it sufficient to do that before content is loaded?
  • Q: Do we need a more fine-grained set of "sandbox flags" for plugins? Scripting? Network access? Other?

Current Proposal