Identified an insecure inline frame.

Apply sandboxing which places a set of security and usability restrictions on the iframe.

Adding the sandbox attribute to an <iframe> element places the element into sandbox mode, which adds the following restrictions to how the browser treats the document inside the iframe:

• iframe content is treated as being from a different origin than the primary document
• blocks form submission
• block JavaScript execution
• disable Pointer Lock API (mouse movement capture)
• prevents anchor links from targeting other browsing contexts (opening in a new tab or window)
• prevents use of plugins (<embed>, <object>, <applet>, or other)
• prevent the content from navigating its top-level browsing context
• blocks auto playback of media

These sandbox precautions can help maintain browser security, which is especially useful if the <iframe> is embedding a third-party document over which you have no control.

Each of these restrictions can be lifted individually using attribute values.

• allow-top-navigation: Allows a sandboxed iframe to navigate its top-level browsing context
• allow-scripts: Enables JavaScript in a sandboxed iframe.
• allow-same-origin: Allows the content of a sandboxed iframe to be treated as having the same origin as the primary document.
• allow-popups: Enables popups in a sandboxed iframe.
• allow-pointer-lock: Enables the Pointer Lock API (mouse movement capture) in a sandboxed iframe.
• allow-forms: Enables form submission in a sandboxed iframe.