Gates sandboxed iframe navigation toward external protocol behind any of: - allow-popups - allow-top-navigation - allow-top-navigation-with-user-activation (+ user activation) Motivation: Sandboxed iframe navigation are allowed, because they stay within the iframe. However when they lead to opening an external application, this can be seen as a new popup or a new top-level navigation somehow. Extending sandbox scope here, resolves issues with malicious advertisers among others.
Proposal in a personal repository, no adoption from community
Status in Chromium
In developer trial (Behind a flag)
Consensus & Standardization
Last updated on 2022-01-04