I setup a sandboxed iframe parent/child in which I call in a remote content from an html page for sake of example we will say: http://127.0.0.1/ui.html
This remote page includes some content from a third party website (an embedded youtube video, and some external JS includes), as well as its own content. I also have setup functions which I have exposed to the parent and can call them. (simple alerts)
I cannot view the embedded video, or include any scripts residing outside the sandboxed url path the remote content or any content included (outside of the ui.html).
The documentation states:
"HTML content in remote (network) security sandboxes can only load CSS, frame, iframe, and img content from remote sandboxes (from network URLs)."
Which is in line with the occurances.
My question is...
Is there any way to allow these external includes as well as maintain the ability to perform script calls from the parent to the child sandbox?