Sandbox CSS attribute of iFrame in Intel XDK

The Sandbox attribute provides security to your application. Sandbox attribute is like police and it restricts the iFrame related detrimental activities. Sandbox without a value applies all restrictions. You can enable one or more values for Sandbox such as, allow-forms, allow-popups, allow-same-origin, allow scripts etc.

With Sandbox attribute present:

Iframe content is assumed to be from a unique origin
You cannot submit a form
You cannot run  script
API's are disabled
Cannot have links targeting other browser context
No plugins allowed (object, applet etc)
Will block automatically triggered media features like playing a video or audio.

iFrame can take many attributes including Sandbox.

iframe {
 border: 8px solid red;
 padding: .5rem;
 margin: 1rem;
 box-shadow: 20px 20px 10px #888888;
 width: 300;
 height: 100;
 Sandbox;
}

Intel XDK has a < ifr/> widget described in my earlier posts.

Here I describe how it works in Intel XDK.

1. IntelXDK does not correctly point to the correct src attribute as displayed in your design.

The iFrame element in the design has its source called SandboxTest1.html. The html page has a script that is run when the Test Script is clicked. The No pop-ups is used for testing some scripts on the page.

iFrame_00
However, the following code which should bring up the correct source brings up a different URL.

alert(document.getElementById("ifr").src); The id of the iFrame being "ifr"

There is a srcdoc attribute which brings up an empty response.

The above alert brings up the following response:

iFrame_01

2. The following HTML code for the <iframe/> does allow the script to run. The Test Script button  can run the code


3. Now I change the HTML fragment to include Sandbox as shown.

This works like it is intended. The script cannot run.

4. The various restrictions on the <iframe/> appears to be only four of the CSS3 attributes as shown here:


iframe_03

Comments

Post a Comment

Popular posts from this blog

Deploying a Universal Windows Project to Lumia 950

Image
We will be using the Lumia 950 as the connected device and it has been set to Developer Mode as described earlier. We start with the HelloWorld Universal Windows Project(UWP) that has been tested to run without errors on the Local Machine as described here. Open the project in Visual Studio 2017 as shown. LumiaDeploy_0 and LumiaDeploy_7 Build (Using Menu Build and its context menu) the Project and verify it is successful. -------- 1>------ Build started: Project: HelloWorld, Configuration: Debug x86 ------ 1>  HelloWorld -> C:\Users\Owner\source\repos\HelloWorld\HelloWorld\bin\x86\Debug\HelloWorld.exe ========== Build: 1 succeeded, 0 failed, 0 up-to-date, 0 skipped ===== ------------------ Click Local Machine along Debug as shown. LumiaDeploy_1 Pick Device from the list, the display changes as shown. LumiaDeploy_2 Connect your Windows 10 Mobile(Lumia 950) to one of the USB ports. This will result in an
Read more

Event Code: UI design with XAML in Visual Studio 2017 - 2

Image
I assume you have followed me with this post here: http://hodentekhelp.blogspot.com/2017/12/how-do-i-configure-button-in-xaml.html After reading the above you will see that you start with an empty project whose code is shown here: WinPhoneStep1 In the final step you will have achieved this: WinPhoneStep11 This project when deployed will just show a button as in the above and nothing more: WinPhoneStep13 Writing code for a click event of this button. Let us first give a name for this button, like ClickMe . When you highlight the button in the design by clicking it, the Property pane opens where you can write the name you want as shown. winPhoneStep20 In the XAML code the Button gets a qualifier x:Name="ClickMe" as shown here: Now enter the Click event to the code by just enter "cl" after a space as shown and the intellisense kicks-in showing your options as shown. winPhoneStep22.png You pi
Read more

Towards cross-platform development..

There are lots and lots of Apps. In fact there are over a couple of million Apps including all of the major brands, Apple, Google, Blackberry, Microsoft with Apple at the top and Microsoft in the bottom. But this is a growing market. The variety is truly bewildering, different size devices; different operating systems(OS); different programming languages;  and different orientations. This post is not very recent but you can see how the various mobile operating systems compare: http://www.ibtimes.com/android-vs-ios-whats-most-popular-mobile-operating-system-your-country-1464892 The interactive image in the article really shows the popularity of a given OS/device among different geographical regions. Windows Phone Apps is for example based on Microsoft's Window 7, 8, 8.1 OSs using .NET. With Windows OS and Visual Studio one can build Apps for all of Microsoft devices covering Phone, Tablet and Desktop. However Microsoft Windows Apps sans Html5/CSS/Javascript is OS specific. E
Read more