@simon the table at the bottom of...

Simon's posts Post Back to profile

Top-level

Jake Archibald

@simon the table at the bottom of https://developer.mozilla.org/en-US/docs/Web/HTML/Element/iframe is decent

Like 26 October at 14:41 | Wall-to-wall | Open on mastodon.social

4 comments

Simon Willison

@jaffathecake it's the best I've seen but it still leaves me with so many questions... how good is browser support for each of those allowX things? What do browser security experts advise in terms of using them?

I'm really paranoid :/

26 October at 14:45 | Open on fedi.simonwillison.net

Jake Archibald

@simon the browser support for the various allow features is in the table at the end of the page

26 October at 14:49 | Open on mastodon.social

Simon Willison

@jaffathecake wow I missed that! Thank you, this helps a LOT

26 October at 14:51 | Open on fedi.simonwillison.net

Frederik Braun �

@simon @jaffathecake if you just want the SVG displayed, put them in an <img> tag. Otherwise, your favorite sanitizer library DOMPurify has great SVG support. (Iframe sandbox works really great too!!)

26 October at 15:07 | Open on social.security.plumbing

Go Up