Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add support for sandbox attribute on router outlet to restrict privileges of embedded content #214

Open
danielwiehl opened this issue Dec 23, 2022 · 0 comments

Comments

@danielwiehl
Copy link
Collaborator

danielwiehl commented Dec 23, 2022

Is your feature request related to a problem? Please describe.

By specifying the "sandbox" attribute on an iframe, we can control the privileges of embedded content, for example, to load it in a low-privilege environment to mitigate the risks of potential attacks.

Since the custom element encloses the iframe, we cannot set the "sandbox" attribute. The platform should provide API to set it accordingly.

Describe the solution you'd like

  • sandbox attribute on sci-router-outlet to specify the privileges of embedded content
  • sandbox property on microfrontend capability to specify the privileges of the microfrontend; if specified, the platform applies it to the iframe into which the microfrontend is loaded during navigation
  • consider adding a boolean property to MicrofrontendPlatformConfig to enforce setting a sandbox policy

Additional context

@danielwiehl danielwiehl changed the title Enable configuration of restrictions for content loaded into sci-router-outlet (sandbox) Add support for sandbox attribute on router outlet to restrict privileges of embedded content Dec 23, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

1 participant