The following iframes contain a page to test some actions
the top frame). These actions are all permitted for unsandboxed frames
and (by default) all forbidden for sandboxed frames. You can use some
allow-* flags to relax these restrictions one by one.
By default, popups opened from a sandboxed frames have the
same restrictions as the frame.
This is sometimes not wanted e.g. for the landing page of trusted ads.
allow-popup-to-escape-sandbox flag allows the popups
to be opened in a new unsandboxed context. Click the
"Open this page as a popup" links to see the effect of that flag:
allow-top-navigation has been used to perform malicious
redirection of the top frame without the user's permission. The
allow-top-navigation-by-user-activation provides a safer flag
which only allows redirections triggered by user actions. The
"Navigate top frame" button should work in both cases but the
"Open a popup to test top navigation without user activation" should
be blocked for
allow-scripts allow-popups allow-top-navigation:
allow-scripts allow-popups allow-top-navigation-by-user-activation:
Opening modal dialogs used to always be permitted for sandboxed frames.
In more recent versions of the HTML specification, an
allow-modals flag is introduced to explicitly request
permission to open such modal dialogs, hence providing better safety by