An empty `sandbox` attribute is removed from `<iframe>`

Here's an example from Python:

```pycon
>>> import minify_html
>>> minify_html.minify('<iframe sandbox=""></iframe')
'<iframe></iframe>'
>>> minify_html.minify('<iframe sandbox></iframe')
'<iframe></iframe>'
>>> minify_html.minify('<iframe sandbox="true"></iframe')
'<iframe sandbox=true></iframe>'
```

An empty value is meaningful here, [quoting MDN](https://developer.mozilla.org/en-US/docs/Web/HTML/Reference/Elements/iframe#sandbox):

> [sandbox](https://developer.mozilla.org/en-US/docs/Web/HTML/Reference/Elements/iframe#sandbox)
Controls the restrictions applied to the content embedded in the `<iframe>`. The value of the attribute can either be empty to apply all restrictions, or space-separated tokens to lift particular restrictions.

This changes the behaviour of the `iframe`, because now there are no restrictions applied to the contents of the iframe. This is potentially a security risk, as a previously sandboxed iframe is now unrestricted.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

An empty `sandbox` attribute is removed from `<iframe>` #269

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

An empty sandbox attribute is removed from <iframe> #269

Description

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions

An empty `sandbox` attribute is removed from `<iframe>` #269