Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Add sandbox permissions UI for iframe app configuration #544

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
manzke merged 2 commits into from
Nov 14, 2025
Merged

Add sandbox permissions UI for iframe app configuration #544

manzke merged 2 commits into from
Nov 14, 2025

Conversation

Copy link
Contributor

Copilot AI commented Nov 14, 2025
edited
Loading

Iframe apps support a sandbox attribute for security restrictions, but it could only be configured by manually editing JSON files. This adds UI controls in the admin panel.

Changes

  • Added sandbox permissions editor in AppFormEditor.jsx iframe configuration section
    • 6 checkboxes for common permissions: allow-scripts, allow-same-origin, allow-forms, allow-popups, allow-modals, allow-top-navigation
    • Descriptive labels explaining each permission's purpose
    • Defaults to ['allow-scripts', 'allow-same-origin', 'allow-forms'] when undefined

Example

Administrators can now configure this through checkboxes:

{
  "type": "iframe",
  "iframeConfig": {
    "url": "https://excalidraw.com/",
    "allowFullscreen": true,
    "sandbox": ["allow-scripts", "allow-same-origin", "allow-forms", "allow-popups"]
  }
}

Schema validation already exists in appConfigSchema.js (lines 204-208). The UI component follows existing patterns for form field management.

Original prompt

This section details on the original issue you should resolve

<issue_title>Allow app type config in the admin</issue_title>
<issue_description>We have introduced app type config for apps, but right now it can be only configured via json.
We should enhance the app admin edit page to allow it</issue_description>

Comments on the Issue (you are @copilot in this section)

✨ Let Copilot coding agent set things up for you — coding agent works faster and does higher quality work when set up for your repo.

Copilot AI changed the title [WIP] Add app type config option in admin edit page Add sandbox permissions UI for iframe app configuration Nov 14, 2025
Copilot AI requested a review from manzke November 14, 2025 13:21
@manzke manzke marked this pull request as ready for review November 14, 2025 13:48
@manzke manzke merged commit 2dc812b into main Nov 14, 2025
5 checks passed
@manzke manzke deleted the copilot/enhance-admin-app-config branch November 14, 2025 13:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@manzke manzke Awaiting requested review from manzke

Assignees

@manzke manzke

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Allow app type config in the admin

2 participants

@manzke