The current HTML5 specification documents a set of sandbox flags that are not currently supported in WebKit: 1. Storage area URLs 2. document.domain browsing context (see Bug 175281) 3. Modals flag (relax via "allow-modals") 4. Orientation lock (relax via "allow-orientation-lock") 5. Presentation mode (relax via "allow-presentation") We should implement these protections as well.
Note that allow-modals is handled by Bug 171321.
The “allow-popups-to-escape-sandbox” flag is now implemented, see bug #158875
allow-top-navigation-by-user-activation was handled in bug 171327