Untitled

AttributeDescription
allow-scripts
Lets the resource run scripts (but not create popup windows).
allow-forms
Allows the resource to submit forms. If this keyword is not used, form submission is blocked.
allow-popups
Allows popups (such as window.open(), target=”_blank”, or showModalDialog()). If this keyword is not used, the popup will silently fail to open.
allow-popups-to-escape-sandbox
Lets the sandboxed document open new windows without those windows inheriting the sandboxing. For example, this can safely sandbox an advertisement without forcing the same restrictions upon the page the ad links to.
allow-top-navigation-by-user-activation
Lets the resource navigate the top-level browsing context, but only if initiated by a user gesture.
allow-downloads
Allows for downloads to occur with a gesture from the user.
allow-modals
Lets the resource open modal windows.
allow-presentation
Lets the resource start a presentation session.
allow-same-origin
If this token is not used, the resource is treated as being from a special origin that always fails the same-origin policy (potentially preventing access to data storage/cookies and some JavaScript APIs).