This repository has been archived by the owner on Jun 4, 2023. It is now read-only.
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
receiver/iframe: don't sandbox iframes
This may seem a good idea to avoid iframes doing crazy stuff but some perfectly valid uses are just blocked. For example, it is not possible for an iframe to change its origin to a super domain (edition.cnn.com is not allowed to change its domain to cnn.com when it should).
- Loading branch information