Chen Jian's Java Blog 

What will the window.origin be in html5 sandbox iframes?

by Chen Jian


Posted on 2018-06-22 09:05 in Frontend


I did a test about this.


If
  • Your site is www.host.com
  • The iframe src is also www.host.com
Then
  • sanbox + "allow-same-orign" enabled => window.origin will be "www.host.com"
  • sanbox + "allow-same-orign" DISABLED => window.origin will be null

If
  • Your site is www.host.com
  • The iframe src is www.guest.com
Then
  • sanbox + "allow-same-orign" => window.origin will be "www.guest.com"
  • sanbox + "allow-same-orign" DISABLED => window.origin will be null



No one has commented yet.
该日志评论功能被禁用了。