#3500: Sandbox all iFrames in PocoDoc

PocoDoc/resources/index.thtml

@@ -16,7 +16,7 @@ ${PocoDoc.customHeadHTML}
 </div>
 <div class="body">
 <div id="navigation">
-<iframe src="navigation.html" onload="iFrameResize(this);" scrolling="no"></iframe>
+<iframe sandbox src="navigation.html" onload="iFrameResize(this);" scrolling="no"></iframe>
 </div>
 <div id="content">
 <h2>User Guides And Tutorials</h2>

PocoDoc/src/DocWriter.cpp

@@ -808,7 +808,7 @@ void DocWriter::writeNavigationFrame(std::ostream& ostr, const std::string& grou
 		query += item;
 	}
 	ostr << "<div id=\"navigation\">\n";
-	ostr << "<iframe src=\"navigation.html" << query << "\" onload=\"iFrameResize(this);\" scrolling=\"no\"></iframe>\n";
+	ostr << "<iframe sandbox src=\"navigation.html" << query << "\" onload=\"iFrameResize(this);\" scrolling=\"no\"></iframe>\n";
 	ostr << "</div>\n";
 }