Embed a DocKap

A .dkap is a single self-contained HTML document with its own inline runtime and a double-sandboxed render surface. Embedding it is just a thin, sandboxed iframe plus a spoof-proof configuration channel — there is no separate renderer to ship and no key to manage.

Web component (recommended)

Add the loader script once, then drop a <dockap-doc> anywhere:

<script src="https://embed.dockap.app/v1/dockap-embed.js" async></script>

<dockap-doc src="https://files.example.com/q3-report.dkap"
  theme="auto"
  features="print find attachments"
  edit-policy="download-first"
  style="display:block;width:100%;height:80vh;border:0"></dockap-doc>

Your page's CSP must allow framing the capsule's host: frame-src https://files.example.com (add data: if you inline a capsule).

Live demo

A sample capsule, embedded with features="print find" (view-only chrome):

Raw iframe (fallback)

No JavaScript required. The web component degrades to exactly this DOM — a sandboxed iframe of the capsule. Subtractive options ride in the #dk= hash (a base64url-encoded config); additive capabilities (re-show Edit, downloads, AI) are only available through the web component's trusted channel.

<iframe
  src="https://files.example.com/q3-report.dkap"
  sandbox="allow-scripts allow-popups allow-downloads"
  referrerpolicy="no-referrer"
  style="width:100%;height:80vh;border:0"
  title="Q3 report"></iframe>

Options

Attribute	Values	Meaning
`src`	URL / `data:` / `blob:`	The capsule to embed (required).
`theme`	`auto` · `light` · `dark`	Preferred color scheme (presentation only).
`mode`	`full` · `embed` · `chromeless`	Chrome preset. `embed` (default) is view-only; `chromeless` hides the whole bar.
`features`	space/comma list	Read controls to show, e.g. `"print find attachments"`. Prefix with `-` / `no-` to hide instead.
`edit-policy`	`download-first` · `allow` · `off`	How editing behaves. See the honesty note in the guide.
`auto-height`	(boolean)	Reflect the capsule's reported content height onto the element.

Full reference, security guidance, and the advisory-vs-cryptographic distinction: docs/EMBEDDING.md.

Security at a glance

The embed iframe is sandboxed allow-scripts allow-popups allow-downloads with no same-origin and no top-navigation, so the capsule cannot read your page or storage and cannot navigate it. An encrypted capsule still prompts for its password inside the frame — your page never sees the contents. Hiding the Edit control is advisory; a downloaded copy is always editable.