From aff1cd94698cbd6c7e4253624b9a59734545a472 Mon Sep 17 00:00:00 2001 From: Richard Lewis Date: Fri, 28 Jul 2017 11:14:04 +0100 Subject: [PATCH] Add allow-presentation permission to iframe sandbox permissions --- src/components/views/elements/AppTile.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/components/views/elements/AppTile.js b/src/components/views/elements/AppTile.js index 49e59be937..cf72fdddfe 100644 --- a/src/components/views/elements/AppTile.js +++ b/src/components/views/elements/AppTile.js @@ -182,7 +182,7 @@ export default React.createClass({ // hosted on the same origin as the client will get the same access as if you clicked // a link to it. const sandboxFlags = "allow-forms allow-popups allow-popups-to-escape-sandbox "+ - "allow-same-origin allow-scripts"; + "allow-same-origin allow-scripts allow-presentation"; const parsedWidgetUrl = url.parse(this.state.widgetUrl); let safeWidgetUrl = ''; if (ALLOWED_APP_URL_SCHEMES.indexOf(parsedWidgetUrl.protocol) !== -1) {