This would be really simple have a embed with an iframe in it. You can put whatever you want in the embed. So this could be buttons, form elements, and other things. This could be sending the html or sending a embed url.
To make sure this is secure, the iframe will need to be sandboxed. sandbox="allow-scripts allow-forms" note, that "allow-top-navigation", "allow-same-origin", "allow-pointer-lock", and "allow-popups" are not present.
"allow-pointer-lock" and "allow-popups" are disabled as not to annoy the user.
Please sign in to leave a comment.