Didn't know about that. So with iframes you can safely embed foreign code ?
Yup, see the MDN page about it — HTML5 added more nice things like the sandbox attribute.
