From 620973349798eb1b1761436f41ba4f94de0ca581 Mon Sep 17 00:00:00 2001 From: Yuri Kuznetsov Date: Wed, 26 Feb 2025 21:51:59 +0200 Subject: [PATCH] wysiwyg iframe sandbox --- client/src/views/fields/wysiwyg.js | 2 ++ 1 file changed, 2 insertions(+) diff --git a/client/src/views/fields/wysiwyg.js b/client/src/views/fields/wysiwyg.js index 2cdf170eea..3ece4edf89 100644 --- a/client/src/views/fields/wysiwyg.js +++ b/client/src/views/fields/wysiwyg.js @@ -365,6 +365,8 @@ class WysiwygFieldView extends TextFieldView { /** @type {HTMLIFrameElement} */ const iframeElement = this.iframe = $iframe.get(0); + iframeElement.setAttribute('sandbox', ''); + if (!iframeElement || !iframeElement.contentWindow) { return; }