Sandbox box sand
parent
b1c84f2b4c
commit
625ab5171d
|
@ -4,6 +4,7 @@
|
|||
<title>{{ title }}</title>
|
||||
<meta charset="UTF-8">
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1.0, minimal-ui">
|
||||
<meta http-equiv="Content-Security-Policy" content="script-src 'none'">
|
||||
<meta name="darkreader" content="stfu">
|
||||
|
||||
<meta name="description" content="Dont give shady companies your real email. Use 48hr.email to protect your privacy!">
|
||||
|
|
|
@ -26,7 +26,7 @@
|
|||
srcdoc='html' seems like a very, very unsafe method to me, unfortunately I havent found a better solution.
|
||||
#}
|
||||
|
||||
<iframe srcdoc='{{ mail.html|replace({'<html>': '<html style="color: white"'}) }}'></iframe>
|
||||
<iframe sandbox="allow-popups allow-popups-to-escape-sandbox" csp="script-src 'none'" srcdoc='{{ mail.html|replace({'<html>': '<html style="color: white"'}) }}'></iframe>
|
||||
</div>
|
||||
{% elseif mail.textAsHtml %}
|
||||
<div class="mail_body">
|
||||
|
|
Loading…
Reference in New Issue