On Wed, Sep 30, 2015 at 4:56 PM, James M. Greene <james.m.gre...@gmail.com> wrote:
> While investigating, I ended up creating a JS library called *sandblaster* > [1] to assist me in analyzing We should probably just provide a mechanism for reading the currently active sandboxing flags. You shouldn't have to write pages of code to get that data. Somewhat the inverse of https://www.w3.org/Bugs/Public/show_bug.cgi?id=29061. > *aaaaand* potentially modifying/dismantling > iframe sandboxes. > Are you able to do this in any cases other than `allow-same-origin` and `allow-scripts`? If so, we should fix them. :) Thanks for putting this together! -mike