I'm trying to get iFrame sandboxing to work, and Firefox is giving me trouble.
<iframe src="" scrolling="no" sandbox=""></iframe>
I use jQuery to set the iFrame's src attribute to one of several different pages. But my target pages have JavaScript in them that makes them break out of my iFrame. I counter that with the sandbox attribute, which is supposed to prevent JavaScript from running inside the iFrame. This works great in Chrome and Internet Explorer, but in Firefox as soon as I load the target page into the iFrame it takes over the whole window.
Firefox's documentation says it fully supports the sandbox attribute. Am I doing something wrong? Installing NoScript and telling my browser not to run JavaScript from the target site makes everything work fine, but obviously I don't want Firefox users to have to install an addon before my site will work.
