Intent to prototype and ship: Block external protocols in sandboxed iframes
Paul Zühlcke
Summary:
Restrict opening external protocols from sandboxed iframes. In order to open external protocols sandboxed BrowsingContexts need to have any of the following sandbox flags:
allow-top-navigation-to-custom-protocols
allow-popups
allow-top-navigation
allow-top-navigation-with-user-activation
Bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1735746
Specification: https://html.spec.whatwg.org/#hand-off-to-external-software
Discussion: https://github.com/whatwg/html/issues/2191
Platform coverage: all
Preference: dom.block_external_protocol_navigation_from_sandbox
Other browsers:
Blink: Intent to Ship
WebKit: Patch
web-platform-tests:
Not currently covered by WPT. I’ve filed a bug for adding a test: https://bugzilla.mozilla.org/show_bug.cgi?id=1762420 However, it is unclear if it’s possible to test external protocols with the current test wrapper.
I'm planning to land a patch for Nightly in the coming days and later enable it in Release if we don't run into major web compat issues.
Please reach out if you have any questions or concerns about this change.
Frederik Braun
Summary:
Restrict opening external protocols from sandboxed iframes. In order to open external protocols sandboxed BrowsingContexts need to have any of the following sandbox flags:
allow-top-navigation-to-custom-protocols
allow-popups
allow-top-navigation
allow-top-navigation-with-user-activation
Does this imply we do not support the “allow-custom-protocol-navigation” flag that Chrome and Safari introduced?