As a widget developer, you may want to implement a security mechanism called sandboxing
when creating widgets that have not been tested thoroughly and may have the potential to send malicious code to the widget user's company server. When you sandbox a widget, you are marking the widget as non-trusted.
From a business user's point of view, sandboxed widgets behave exactly the same as non-sandboxed widgets on a page. The main difference between sandboxed and non-sandboxed widgets is what happens in the background. In Mashup Center, when you add a sandboxed (non-trusted) widget to a page, Mashup Center wraps the widget inside of a secure iFrame. This prevents the widget from sending any malicious code to the host system. After business users add non-trusted widgets that you create to their personal palettes, they cannot change the setting.