39219 2010-05-17 08:23:48 -0700 Offer user option to override sandbox plugin flag 2023-07-28 10:10:49 -0700 1 1 1 Unclassified WebKit Frames 528+ (Nightly build) All OS X 10.5 RESOLVED WONTFIX http://173.203.83.120/sandbox-bug P2 Normal --- 0 arturadib webkit-unassigned abarth ahmad.saleem792 ap beidson ian oldest_to_newest 226770 0 arturadib 2010-05-17 08:23:48 -0700 When an iframe is sandboxed, WebKit is setting the "plugins browsing context flag", as per the HTML5 doc (http://www.whatwg.org/specs/web-apps/current-work/#sandboxed-plugins-browsing-context-flag). However, no option is being offered for the user to override the flag. According to the HTML5 doc (http://www.whatwg.org/specs/web-apps/current-work/#the-embed-element), if the sandboxed plugin flag is set: "The user agent may offer the user the option to override the sandbox and instantiate the plugin anyway; if the user invokes such an option, the user agent must act as if the conditions above did not apply for the purposes of this element." The absence of this option renders several plugin-based sites unusable, such as those with embedded YouTube videos (see example URL: http://173.203.83.120/sandbox-bug). (Alternatively, perhaps WebKit can offer another sandbox option, like "allow-plugins"?) 227900 1 beidson 2010-05-19 11:10:20 -0700 (In reply to comment #0) > When an iframe is sandboxed, WebKit is setting the "plugins browsing context flag" ... > > However, no option is being offered for the user to override the flag. According to the HTML5 doc (http://www.whatwg.org/specs/web-apps/current-work/#the-embed-element), if the sandboxed plugin flag is set: > > "The user agent may offer the user the option to override the sandbox and instantiate the plugin anyway; if the user invokes such an option, the user agent must act as if the conditions above did not apply for the purposes of this element." > > The absence of this option renders several plugin-based sites unusable, such as those with embedded YouTube videos (see example URL: http://173.203.83.120/sandbox-bug). It doesn't render the site unusable. It renders the site unusable from within a sandboxed iframe. Why not visit YouTube directly? > (Alternatively, perhaps WebKit can offer another sandbox option, like "allow-plugins"?) This is possible, and when learning about sandboxing very recently, I was surprised it *wasn't* an option. Perhaps poking WhatWG and Hixie about this would be worthwhile. 227908 2 arturadib 2010-05-19 11:29:05 -0700 The "allow-scripts" option makes sense and would suit my needs, but I wonder if asking the user would be useful for other applications. I don't see why not; it's already in the HTML5 specs. Can anyone chime in on the possible issues with "allow-scripts"? (In reply to comment #1) > > This is possible, and when learning about sandboxing very recently, I was surprised it *wasn't* an option. Perhaps poking WhatWG and Hixie about this would be worthwhile. 231724 3 arturadib 2010-05-28 08:40:28 -0700 I meant "allow-plugins", of course. (In reply to comment #2) > The "allow-scripts" option makes sense and would suit my needs, but I wonder if asking the user would be useful for other applications. I don't see why not; it's already in the HTML5 specs. > > Can anyone chime in on the possible issues with "allow-scripts"? > > > (In reply to comment #1) > > > > This is possible, and when learning about sandboxing very recently, I was surprised it *wasn't* an option. Perhaps poking WhatWG and Hixie about this would be worthwhile. 231780 4 abarth 2010-05-28 10:35:16 -0700 I believe the issue is that plugins don't understand @sandbox and therefore could be used to defeat its security properties. The working group has discussed this issue, and I think the conclusion was that we should hold off on adding this feature until at least one plugin understands the sandbox security model. 1968326 5 ahmad.saleem792 2023-07-26 15:05:48 -0700 Plugins are gone - so is this applicable in any other context?