[wp-trac] [WordPress Trac] #44400: Adjust `sandbox` attribute for Sutori embeds via oEmbed discovery
WordPress Trac
noreply at wordpress.org
Mon Jun 18 22:21:30 UTC 2018
#44400: Adjust `sandbox` attribute for Sutori embeds via oEmbed discovery
--------------------------------------+------------------------------
Reporter: yoran | Owner: (none)
Type: feature request | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Embeds | Version:
Severity: normal | Resolution:
Keywords: dev-feedback 2nd-opinion | Focuses:
--------------------------------------+------------------------------
Changes (by swissspidy):
* keywords: dev-feedback 2nd-opinion reporter-feedback => dev-feedback
2nd-opinion
Comment:
Hey there and welcome to WordPress Trac!
> Our full embed code adds `<script>` tags in order to automatically
adjust the height of the iframe according to the content.
WordPress already does that for you. So to me it sounds like the easiest
thing to do for your platform is to support the WordPress embed script
issuing `postMessage` calls to set the iframe height. As one of the
developers behind this WordPress embed sandboxing, I'd be happy to help
you with that.
Since your oEmbed endpoint is almost fully working with WP already, it
doesn't really make sense to whitelist it.
Adding `allow-same-origin` would have quite an impact that would go way
beyond allowing 1 smaller website to set the iframe's height. For example,
it has consequences for usage of cookies, local storage, etc.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/44400#comment:1>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list