'allow-top-navigation-by-user-activation' <iframe sandbox> keyword

Adds a new keyword named "allow-top-navigation-by-user-activation" for iframe sandbox, which requires a user activation (or gesture) being processed to trigger a top-level navigation. This change would enable more use cases of sandboxing untrusted third-party contents (eg., ads) by allowing top navigation while blocking malicious auto-redirecting, and thus help building a safer internet (eg., a safer ads ecosystem in which all ads could be sandboxed to prevent unexpected malicious behaviors like

Demos

Documentation

Specification

Established standard

Status in Chromium

Enabled by default (launch bug) in:

  • Chrome for desktop release 58
  • Chrome for Android release 58
  • Android WebView release 58
  • Opera release 45
  • Opera for Android release 45

Consensus & Standardization

Owners

Last updated on 2017-04-27