'allow-top-navigation-by-user-activation' <iframe sandbox> keyword

Adds a new keyword named "allow-top-navigation-by-user-activation" for iframe sandbox, which requires a user activation (or gesture) being processed to trigger a top-level navigation. This change would enable more use cases of sandboxing untrusted third-party contents (eg., ads) by allowing top navigation while blocking malicious auto-redirecting, and thus help building a safer internet (eg., a safer ads ecosystem in which all ads could be sandboxed to prevent unexpected malicious behaviors like

Demo

Documentation

Specification

Established standard

Status in Chromium

Blink


Enabled by default (launch bug) in:

  • Chrome for desktop release 58
  • Chrome for Android release 58
  • Android WebView release 58
  • Opera release 45
  • Opera for Android release 45

Consensus & Standardization

Owners

Last updated on 2017-06-14