javascript - iframe sandbox not loading foreign fonts -


so have web app contains iframe loads bootstrap glyphicons

index.html iframes frame.html

glyphicons font of symbols can use instead of images. benefit of can change size without stretching , can change color easily.

html5 allows import font css3

example:

@font-face {  font-family: 'glyphicons halflings';     src: url('../fonts/glyphicons-halflings-regular.eot');  src: url('../fonts/glyphicons-halflings-regular.eot?#iefix')  format('embedded-opentype'), url('../fonts/glyphicons-halflings-regular.woff2')   format('woff2'), url('../fonts/glyphicons-halflings-regular.woff') format('woff'), url('../fonts/glyphicons-halflings-regular.ttf')   format('truetype'), url('../fonts/glyphicons-halflings-regular.svg#glyphicons_halflingsregular')   format('svg'); } 

this works fine while iframe src file run on own. second load in **iframe sandbox** fails.

this fails

<iframe src="frame.html" sandbox="allow-scripts" /> 

however, works

<iframe src="frame.html" sandbox="allow-same-origin allow-scripts" /> 

allow-same-origin huge security risk me.

is there white-list or black-list can modify allow fonts. there doesnt seem sandbox property allows it.

any appreciated


Comments

Popular posts from this blog

qt - Using float or double for own QML classes -

Create Outlook appointment via C# .Net -

ios - Swift Array Resetting Itself -