1. allow-forms
Description: The allow-forms attribute specifies whether the embedded content is allowed to submit forms. If this attribute is present, the embedded document is permitted to invoke forms and interact with them.
2. allow-pointer-lock
Description: The allow-pointer-lock attribute indicates whether the embedded content is allowed to use the Pointer Lock API. This API provides access to raw mouse movement data and is often used in applications like games for a more immersive experience.
3. allow-popups
Description: The allow-popups attribute controls whether the embedded content is allowed to open new browser windows or tabs. If present, it enables the embedded document to spawn new pop-up windows.
4. allow-same-origin
Description: The allow-same-origin attribute specifies whether the embedded content is allowed to access resources from the same origin (domain) as the parent document. This is crucial for security and privacy reasons.
5. allow-scripts
Description: The allow-scripts attribute determines whether the embedded content is permitted to execute scripts. If present, it enables the execution of JavaScript within the iframe.
6. allow-top-navigation
Description: The allow-top-navigation attribute controls whether the embedded content is allowed to navigate the top-level browsing context. If present, it enables the iframe to change the URL of the parent document.
7. allow-downloads
Description: The allow-downloads attribute specifies whether the embedded content is allowed to initiate downloads. If present, it enables the iframe to trigger file downloads.
These attributes provide granular control over the permissions of the iframe, allowing the user to tailor the behavior of the Iframe for Confluence Macro based on specific security and functionality requirements.
When using these attributes, it's essential to consider security implications and only grant permissions that are necessary for the intended functionality.