+++ This bug was initially created as a clone of Bug #18647 +++
Created to merge https://github.com/w3c/html/commit/0e5f355bd059d8857a44505757da025f21e2efb7, which has been parked in feature/whatwg_iframe_pointer_lock branch.
Pointer Lock API  adds capability that should be restricted by a sandbox flag unless an iframe is marked explicitly with sandbox="allow-pointer-lock"
Rough edit suggestion to HTML:
Add a section for The sandboxed pointer lock flag
+ "The sandboxed pointer lock flag
+ This flag prevents content from using the Pointer Lock API"
with link to http://www.w3.org/TR/pointerlock/
Add a new flag parsing item:
After the text: "When the user agent is to parse a sandboxing directive ..."
+ "The sandboxed pointer lock flag, unless tokens contains the allow-pointer-lock keyword"
Mass move to "HTML WG"
*** This bug has been marked as a duplicate of bug 19773 ***