Hi,
We are using a custom app for Freshdesk to automatically display links to our own admin interface via the ticket_sidebar
interface extension.
The Freshdesk code is using an iframe with sandbox="allow-scripts allow-forms allow-same-origin allow-popups allow-modals allow-downloads"
to display the interface extension.
The issue that we see is that when a user clicks the link to our own admin interface, the new browser window inherits the sandbox
setting, which disrupts certain functionality of our admin interface.
Could you please add allow-popups-to-escape-sandbox
to the sandbox
attribute to resolve this issue? There should be no security downside in doing so. See <iframe>: The Inline Frame element - HTML: HyperText Markup Language | MDN
Thank you!
Best
Richard