[BUGFIX beta] Sanitize iframe attributes.

Author: rwjblue

packages/ember-htmlbars/tests/attr_nodes/sanitized_test.js

@@ -32,6 +32,10 @@ var badTags = [
     unquotedTemplate: compile("<img src={{url}}>"),
     quotedTemplate: compile("<img src='{{url}}'>"),
     multipartTemplate: compile("<img src='{{protocol}}{{path}}'>") },
+  { tag: 'iframe', attr: 'src',
+    unquotedTemplate: compile("<iframe src={{url}}></iframe>"),
+    quotedTemplate: compile("<iframe src='{{url}}'></iframe>"),
+    multipartTemplate: compile("<iframe src='{{protocol}}{{path}}'></iframe>") }
 ];
 
 for (var i=0, l=badTags.length; i<l; i++) {

packages/ember-views/lib/system/sanitize_attribute_value.js

@@ -10,7 +10,8 @@ var badTags = {
   'A': true,
   'BODY': true,
   'LINK': true,
-  'IMG': true
+  'IMG': true,
+  'IFRAME': true
 };
 
 export var badAttributes = {