I’m wondefing if those embeds would work in an `<iframe sandbox="allow-scripts" ... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

		notpushkin 7 days ago \| parent \| context \| favorite \| on: Consent-O-Matic – automatically fills ubiquitous p... I’m wondefing if those embeds would work in an `<iframe sandbox="allow-scripts" />`. This prevents them from reading/writing cookies, but everything else should work fine.

hnbad 1 day ago [–]

I don't see how that fixes anything as your browser is transmitting PII simply by fetching the iframe content. The sandbox only limits what they can do client-side, they still get to see your IP and user agent.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact