Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

sandbox iframe in fileupload #6691

Merged
merged 1 commit into from
Nov 24, 2023
Merged

sandbox iframe in fileupload #6691

merged 1 commit into from
Nov 24, 2023

Conversation

khavinshankar
Copy link
Member

Add sandbox attribute to secure iframe in file upload

@khavinshankar khavinshankar requested a review from a team November 22, 2023 14:32
@khavinshankar khavinshankar requested a review from a team as a code owner November 22, 2023 14:32
@vercel Vercel
Copy link

vercel bot commented Nov 22, 2023

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Updated (UTC)
care-storybook ✅ Ready (Inspect) Visit Preview Nov 22, 2023 2:32pm

@netlify Netlify
Copy link

netlify bot commented Nov 22, 2023
edited
Loading

Deploy Preview for care-egov-staging ready!

Name Link
🔨 Latest commit e3f1682
🔍 Latest deploy log https://app.netlify.com/sites/care-egov-staging/deploys/655e10ecd40a7300081d5f53
😎 Deploy Preview https://deploy-preview-6691--care-egov-staging.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify site configuration.

@Ashesh3
Copy link
Member

Ashesh3 commented Nov 22, 2023

For added context,

When the sandbox attribute is present, it will:

  • treat the content as being from a unique origin
  • block form submission
  • block script execution
  • disable APIs
  • prevent links from targeting other browsing contexts
  • prevent content from using plugins (through <embed>, <object>, <applet>, or other)
  • prevent the content to navigate its top-level browsing context
  • block automatically triggered features (such as automatically playing a video or automatically focusing a form control)

@khavinshankar khavinshankar added reviewed reviewed by a core member needs testing and removed needs review labels Nov 22, 2023
@cypress Cypress
Copy link

cypress bot commented Nov 22, 2023

Passing run #1598 ↗︎

0 85 0 0 Flakiness 0

Details:

sandbox iframe in fileupload
Project: CARE Commit: e3f1682303
Status: Passed Duration: 02:17 💡
Started: Nov 22, 2023 8:53 PM Ended: Nov 22, 2023 8:56 PM

Review all test suite changes for PR #6691 ↗︎

@nihal467
Copy link
Member

LGTM

@khavinshankar khavinshankar merged commit 83b6d1f into develop Nov 24, 2023
60 of 61 checks passed
@khavinshankar khavinshankar deleted the iframe branch November 24, 2023 11:33
@github-actions GitHub Actions
Copy link

@khavinshankar We truly appreciate your efforts. Thank you for taking the time to contribute; this is a very valuable contribution to us 🥇. We always welcome your contribution 🙂, so feel free to contribute to anything anytime, and never lose that spirit of innovation 🙌.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Ashesh3 Ashesh3 Ashesh3 approved these changes

@gigincg gigincg gigincg approved these changes

@rithviknishad rithviknishad rithviknishad approved these changes

@bodhish bodhish Awaiting requested review from bodhish

Assignees
No one assigned
Labels
reviewed reviewed by a core member tested
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
5 participants
@khavinshankar @Ashesh3 @nihal467 @gigincg @rithviknishad