How to show external page in iframe sans Javascript in Firefox?

They have: 1 posts

Joined: Jan 2012

I'm trying to load an external site in an iframe for my Firefox visitors. The external page is loaded with javascript, and I would like this to be stripped out. For Chrome, the HTML5 sandbox="" works perfectly, and with IE the security="restricted" does the job just fine. With Firefox, I'm struggling.

I've been using the CSP policy directive as described here, but I can't seem to get the right configuration. The following line will load the page, but the javascript on the external site still loads.

header("X-Content-Security-Policy: allow 'self'; object-src 'self'; script-src 'self'; frame-src *; img-src 'self'");

I've tried dozens of other configurations and seem to have hit a brick wall. Will this work with the CSP directive? Should I look somewhere else to allow an external site to load in an iframe sans javascript in Firefox? Is this even possible in Firefox?

He has: 629 posts

Joined: May 2007

Does this method for loading new documents into iFrames not work?

A link to a live example would help.

Want to join the discussion? Create an account or log in if you already have one. Joining is fast, free and painless! We’ll even whisk you back here when you’ve finished.