If i use google-caja html sanitizer with its default whitelist then it will not allow me to embed iframe.
I know it is a security risk that's why it is not allowing me to do this. But their are so many trusted website which provide functionality via iframe e.g. google maps,twitter button etc.
So please suggest me how can i implement trusted one to allow my user to use this functionality.