class ActionDispatch::ContentSecurityPolicy

policy.sandbox false

Pass `false` to disable the sandbox:

policy.sandbox "allow-scripts", "allow-modals"

Values can be passed as arguments:

policy.sandbox

should be enabled for the requested resource:
Specify whether a [sandbox](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/sandbox)

def sandbox(*values)
  if values.empty?
    @directives["sandbox"] = true
  elsif values.first
    @directives["sandbox"] = values
  else
    @directives.delete("sandbox")
  end
end