Overview
The iframe created to detect if omid is present, or not, does not contain a sandbox attribute.
Current output:
<iframe id="omid_v1_present" name="omid_v1_present" style="display: none;">
...
</iframe>
Desired output:
<iframe id="omid_v1_present" name="omid_v1_present" style="display: none;" sandbox>
...
</iframe>
Code reference.
Why is this a problem?
This is a problem because the sandbox attribute "controls the restrictions applied to the content embedded in the <iframe>" (ref). Although this iframe only exists so that verification scripts can detect if omid is present, it is best practice to enable all iframe restrictions.
What can be done?
Add sandbox to the iframe.
Overview
The iframe created to detect if omid is present, or not, does not contain a
sandboxattribute.Current output:
Desired output:
Code reference.
Why is this a problem?
This is a problem because the
sandboxattribute "controls the restrictions applied to the content embedded in the <iframe>" (ref). Although this iframe only exists so that verification scripts can detect if omid is present, it is best practice to enable all iframe restrictions.What can be done?
Add
sandboxto the iframe.