Add attribute allow-top-navigation-by-user-activation to iframe sandbox

Won’t fix Issue #14609256


Bin L.
Nov 10, 2017
This issue is public.
Found in
  • Microsoft Edge
  • Internet Explorer
Reported by 2 people

Sign in to watch or report this issue.

Steps to reproduce

Description Bin Lu 2017-04-26 09:12:35 PDT
There is a new attribute proposed to iframe sandbox:

This is a follow-up work of:

The new attribute requires a user activation (or gesture) being processed to trigger a top-level navigation. This change would enable more use cases of sandboxing untrusted third-party contents (eg., ads) by allowing top navigation while blocking malicious auto-redirecting, and thus help building a safer internet (eg., a safer ads ecosystem in which all ads could be sandboxed to prevent unexpected malicious behaviors like plugin exploits, auto-redirects, file downloading, modal dialogs, etc).

Demo link (Available in Chrome 58+):

For more context:


0 attachments

    Comments and activity

    • Microsoft Edge Team

      Changed Assigned To to “James M.”

    • Hello,

      Thank you for providing this information about the issue. We are best suited to test and correct broken features for future releases of MS Edge. Please feel welcome to submit your request at where other developers can up-vote your suggestion.

      Best Wishes,
      The MS Edge Team

    • Microsoft Edge Team

      Changed Status to “Won’t fix”

    You need to sign in to your Microsoft account to add a comment.

    Sign in