You are creating a blog site by using HTML5 and JavaScript. An inline frame enables users to post comments. It is possible for users to inject malicious scripts into their comments.
You need to minimize the ability for malicious scripts to execute on the site.
Which line of code should you use?
A.
<
iframe sandbox src=-frame1.html-
><
/iframe
>
B.
<
iframe seamless=-allowscripts- src=-frame1.html-
><
/iframe
>
C.
<
iframe seamlesssrc=-frame1.html-
><
/iframe
>
D.
<
iframe sandbox=-allowscripts- src-frame1.html-x/iframe
>
Explanation:
The sandbox attribute enables an extra set of restrictions for the content in the iframe.
Syntax
<
iframe sandbox=-value-
>
Attribute Values
novalue: Applies all restrictions
etc.
No attribute value: allowscripts (not D)
Reference: HTML
<
iframe
>
sandbox Attribute