Better iFrame sandboxing

https://feedback.yaak.app/p/completely-white-ui
This commit is contained in:
Gregory Schier
2025-08-02 09:47:34 -07:00
parent b71bc2cc92
commit 5d5f9cc943
@@ -21,9 +21,10 @@ export function WebPageViewer({ response }: Props) {
<div className="h-full pb-3"> <div className="h-full pb-3">
<iframe <iframe
key={body ? 'has-body' : 'no-body'} key={body ? 'has-body' : 'no-body'}
title="Response preview" title="Yaak response preview"
srcDoc={contentForIframe} srcDoc={contentForIframe}
sandbox="allow-scripts allow-same-origin" sandbox="allow-scripts allow-forms"
referrerPolicy="no-referrer"
className="h-full w-full rounded border border-border-subtle" className="h-full w-full rounded border border-border-subtle"
/> />
</div> </div>