Render Ad creatives using setSafeFrameConfig in Google IMA

SafeFrame is an API-capable iframe that provides a single, unified mechanism for communication between advertiser and publisher content. SafeFrame technology in Ad Manager provides transparent and rich interactions between page content and ads while preventing external access to sensitive data and providing more granular control over which creatives are rendered using the SafeFrame container with GPT (Google Publisher Tag).

IAB standards require publishers to update their websites to render ads inside SafeFrame containers. However, when using GPT tags, Ad Manager supports and automatically activates SafeFrame.

To minimize the chances of malicious creatives serving, we recommend activating SafeFrame whenever possible, in conjunction with the HTML5 sandbox attribute, to prevent top-level navigation. 

googletag.SafeFrameConfig 

Below is a configuration object for SafeFrame containers

setSafeFrameConfig example based on JavaScript

googletag.pubads().setForceSafeFrame(true);

const pageConfig = {
  allowOverlayExpansion: true,
  allowPushExpansion: true,
  sandbox: true,
};

const slotConfig = { allowOverlayExpansion: false };

googletag.pubads().setSafeFrameConfig(pageConfig);

// The following slot will not allow for expansion by overlay.
googletag
  .defineSlot("/1234567/sports", [160, 600], "div-1")
  .setSafeFrameConfig(slotConfig)
  .addService(googletag.pubads());

// The following slot will inherit the page level settings, and hence
// would allow for expansion by overlay.
googletag.defineSlot("/1234567/news", [160, 600], "div-2").addService(googletag.pubads());

googletag.display("div-1");
googletag.display("div-2");