If iframe is considered safe enough and is generally allowed, there is no point to (generally) disallow iframe. This is the basic logic: iframe is no more open than a normal iframe. Note that all those malicious addons are made by developers like us so they may try to persuade them the same way you do! So reviewer needs to be able distinguish who is good and who is bad! The reviewers are skilled people so if you give them bad arguments than you sound suspicious. The request of replacing it with a normal iframe will break this protection and introduce security hazards.Īs the policy never restrict normal frames, please re-evaluate the rationale and necessity of forbidding sandboxed iframes with attributes ‘allow-scripts’ and ‘allow-same-origin’. The point of using a sandboxed iframe instead of a normal iframe is for restricting form submission and top frame navigation (via link etc.). My extension runs scripts in the iframe, and it won’t work without “allow-scripts” and “allow-same-origin”. As a result, this restriction won’t bring any help on security. However, as my extension scripts won’t do something as silly as breaking the sandbox, a sandboxed iframe is still more restrictive than a normal iframe, which is not considered unacceptable. I am fully aware that a sandboxed iframe with attributes ‘allow-scripts’ and ‘allow-same-origin’ generally means that any script can be run in it, and the script can possibly modify the sandbox attribute, making the whole sandbox breakable. This applies to normal extension pages and normal frames, and sandboxed iframes (even though scripts are allowed) are no different from them. I would argue that this restriction is pointless, and even worse, it makes extensions less secure.Īs extensions are protected by the content security policy, only explicit extension scripts may be run and no external or arbitrary scripts are possible. He also said that I may simply remove the sandbox attribute of the iframe, i.e. The PickerBuilder and pass in the origin reviewer has rejected my addon with the reason: Sandboxed iframes with attributes ‘allow-scripts’ and ‘allow-same-origin’ are not allowed for security reasons. When using the Picker API, you must now call setOrigin() when constructing Must be changed to load this library explicitly, as in the following example: Scripts that relied on automatic loading of the native loader library api.js Native Javascript loader library must be explicitly loaded Page content in the following top-level tags: To make sure your project pages are served correctly using IFRAME, wrap your Under NATIVE (and EMULATED) sandbox mode, certain HTML tags would beĪutomatically added to an Apps Script. You can also override this attribute using the tag within the head Var template = HtmlService.createTemplateFromFile('top') In the IFRAME mode you need to set the link target attribute to either _top or _blank: These differences are detailed in the following sections. Form submission are no longer prevented by default.Some older browsers, including IE9, are not supported.SetOrigin() because content is served from a new domain The Google native loader library api.js doesn't load automatically in.HTML files served by the HTML Service must include.You now must override the link's target attribute using target="_top" or.Make changes for IFRAME mode, to address the following differences: Modes now use the newer IFRAME mode automatically.Īpps that previously used these older modes with the HTML Service may need to Sandbox modes are now sunset except for IFRAME. To provide protective isolation for Google Workspace
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |