Reshared post from +Google Chrome Developers
<iframe sandbox> doesn't save lives, but it can save your app from security issues! +Mike West lays it down.
http://www.html5rocks.com/tutorials/security/sandboxed-iframes/
HTML5 Rocks – Play safely in sandboxed IFrames
Learn how to run IFramed content in a sandbox, greatly reducing the risk associated with third-party widgets, and your own application’s code.