: New feature! MozillaWiki is now mobile-friendly. Visit from a mobile device to see new mobile theme + try editing. Release details.

Security/Iframe Sandbox allow-popups

From MozillaWiki
Jump to: navigation, search
Please use "Edit with form" above to edit this page.


allow-popups (part of iframe sandbox)
Stage Shipped
Status Complete
Release target Firefox 27
Health OK
Status note `


Product manager Sid Stamm
Directly Responsible Individual Bob Owen
Lead engineer Bob Owen
Security lead Sid Stamm
Privacy lead `
Localization lead `
Accessibility lead `
QA lead `
UX lead `
Product marketing lead `
Operations lead `
Additional members Ian Melven (can mentor)

Open issues/risks

ID Summary Status
939642 Intermittent test_iframe_sandbox_popups_inheritance.html | Test timed out (and more) NEW

1 Total; 1 Open (100%); 0 Resolved (0%); 0 Verified (0%);

Stage 1: Definition

1. Feature overview

Using the iframe sandbox plumbing, developers want the ability to let an iframe cause popups.

W3C working group change proposal

See bug 766282#c1

2. Users & use cases

From the w3 change proposal: "As a simple example, consider hosting a maps control in a page. The maps control is hosted from another domain and outside the hosting author’s control. Such a mash-up is a perfect use case for HTML5 Sandbox. However, many of these types of controls include links that are targeted to open in a new browsing context. There is an example of such a scenario at the IE Test Drive site (requires an HTML5 Sandbox supporting browser, such as IE10 Platform Preview 2, Chrome, or Safari)."

3. Dependencies


4. Requirements




Stage 2: Design

5. Functional specification


6. User experience design


Stage 3: Planning

7. Implementation plan


8. Reviews

Security review


Privacy review


Localization review




Quality Assurance review


Operations review


Stage 4: Development

9. Implementation


Stage 5: Release

10. Landing criteria


The given value was not understood.

Feature details

Priority P3
Rank 999
Theme / Goal Web Hardening
Roadmap Security
Secondary roadmap `
Feature list `
Project `
Engineering team `
The given value was not understood.

Team status notes

  status notes
Products ` `
Engineering ` `
Security ` `
Privacy ` `
Localization ` `
Accessibility ` `
Quality assurance ` `
User experience ` `
Product marketing ` `
Operations ` `
The given value was not understood.