Block modal dialogs inside a sandboxed iframe.

Security

Folks in Google's anti-malvertising team would like to be able to prevent sandboxed frames from popping up confusing, modal messages to users. This includes things like `alert()`, `confirm()`, and `prompt()` (and `print()` (and maybe authentication dialogs)).

Demo

https://googlechrome.github.io/samples/block-modal-dialogs-sandboxed-iframe/index.html

Documentation

https://lists.w3.org/Archives/Public/public-whatwg-archive/2015May/0035.html
https://www.w3.org/Bugs/Public/show_bug.cgi?id=28818
https://developer.mozilla.org/en-US/docs/Web/API/Window/alert
https://developer.mozilla.org/en-US/docs/Web/API/Window/confirm
https://developer.mozilla.org/en-US/docs/Web/API/Window/prompt
https://developer.mozilla.org/en-US/docs/Web/API/Window/print

Status in Chromium

Blink components: Blink

Enabled by default (tracking bug) in:

Chrome for desktop release 46
Chrome for Android release 46
Android WebView release 46

Consensus & Standardization

After a feature ships in Chrome, the values listed here are not guaranteed to be up to date.

Firefox: No public signals
Edge: No public signals
Safari: No public signals
Web Developers: Positive

Owner

mkwst@chromium.org

Last updated on 2017-06-14