1c0255ab12
This allows almost all the iframe sandbox tokens https://developer.mozilla.org/en-US/docs/Web/HTML/Reference/Elements/iframe#sandbox except notably for allow-top-navigation* Note: allow-same-origin should be OK because the main window is under the `file://` origin while the iframe window is served on `localhost:####` <!-- This is an auto-generated description by cubic. --> --- ## Summary by cubic Enable sandboxing on the preview iframe to isolate preview content while preserving needed capabilities (allow-same-origin, scripts, forms, popups, modals, orientation/pointer lock, presentation, downloads). Top-level navigation remains disallowed; allow-same-origin is safe because the app is file:// and the iframe runs on localhost. <!-- End of auto-generated description by cubic. -->
11 lines
332 B
TypeScript
11 lines
332 B
TypeScript
import { testSkipIfWindows } from "./helpers/test_helper";
|
|
import { expect } from "@playwright/test";
|
|
|
|
testSkipIfWindows("preview iframe has sandbox attributes", async ({ po }) => {
|
|
await po.setUp();
|
|
await po.sendPrompt("hi");
|
|
expect(
|
|
await po.getPreviewIframeElement().getAttribute("sandbox"),
|
|
).toMatchSnapshot();
|
|
});
|