On Wed, Sep 30, 2015 at 10:51 AM, Mike West wrote:
> On Wed, Sep 30, 2015 at 4:56 PM, James M. Greene > wrote:
>> *and* potentially modifying/dismantling
>> iframe sandboxes.
> Are you able to do this in any cases other than `allow-same-origin` and
> `allow-scripts`? If so, we should fix them. :)
I haven't spotted any such holes, though I also haven't tested it in all of
the various browser/OS configurations. Again, you can see the live
analysis results for your browser at
> Thanks for putting this together!
Welcomed! It was an interesting learning experience for me.