HTML Sanitizer Iframe erlauben

Shopware 6 (German)
1

Hallo nochmal,
nächste Frage: Nach dem Shopware Update auf 6.5.7.2 wurde nun der Code für ein Iframe automatisch entfernt in der Erlebniswelt… Hab nun eine z-shopware.yaml angelegt und diverse Tags freigegeben, mit iframe soll es aber etwas komplizierter sein, da man die src des iframes explizit freigeben muss wie ich in der Doku lesen konnte. Da wird aber kein explizites Beispiel gegeben. Kann mir einer sagen, wie ich es in die z-shopware.yaml schreiben muss, um das iframe freizugeben?

Hier meine z-shopware.yaml:

shopware:

 html_sanitizer:
        sets:
            - name: basic
              tags: ["a", "abbr", "acronym", "address", "b", "bdo", "big", "blockquote", "br", "caption", "center", "cite", "code", "col", "colgroup", "dd", "del", "dfn", "dir", "div", "dl", "dt", "em", "font", "h1", "h2", "h3", "h4", "h5", "h6", "hr", "i", "ins", "kbd", "li", "menu", "ol", "p", "pre", "q", "s", "samp", "small", "span", "strike", "strong", "sub", "sup", "table", "tbody", "td", "tfoot", "th", "thead", "tr", "tt", "u", "ul", "var", "img"]
              attributes: ["align", "bgcolor", "border", "cellpadding", "cellspacing", "cite", "class", "clear", "color", "colspan", "dir", "face", "frame", "height", "href", "id", "lang", "name", "noshade", "nowrap", "rel", "rev", "rowspan", "scope", "size", "span", "start", "style", "summary", "title", "type", "valign", "value", "width", "target", "src", "alt", "iframe"]
              options:
                  - key: Attr.AllowedFrameTargets
                    values: ['_blank', '_self', '_parent', '_top']
                  - key: Attr.AllowedRel
                    values: ['nofollow', 'print']
                  - key: Attr.EnableID
                    value: true
            - name: media
              tags: ["img"]
              attributes: ["src", "alt"]
            - name: script
              tags: ["script"]
              options:
                  - key: HTML.Trusted
                    value: true
            - name: tidy
              options:
                  - key: Output.TidyFormat
                    value: true
            - name: bootstrap
              tags: ["a", "span"]
              attributes: ["role", "aria-label", "aria-labelledly", "aria-current", "aria-expanded", "aria-controls", "aria-hidden", "aria-describedby", "tabindex", "aria-modal", "data-bs-toggle", "data-bs-target", "data-bs-dismiss", "data-bs-slide", "data-bs-slide-to", "data-bs-parent", "data-bs-config", "data-bs-content", "data-bs-spy"]
              custom_attributes:
                  - tags: ["a", "span"]
                    attributes: ["href", "role", "aria-label", "aria-labelledly", "aria-current", "aria-expanded", "aria-controls", "aria-hidden", "aria-describedby", "tabindex", "aria-modal", "data-bs-toggle", "data-bs-target", "data-bs-dismiss", "data-bs-slide", "data-bs-slide-to", "data-bs-parent", "data-bs-config", "data-bs-content", "data-bs-spy"]
            - name: snippet
              tags: ["a"]
              attributes: ["data-url", "data-ajax-modal"]
              custom_attributes:
                  - tags: ["a"]
                    attributes: ["data-url", "data-ajax-modal"]
2

Gibt es hierzu eine Info? Benötige ebenfalls iFrame bei einem Projekt.