diff --git a/modules/kubernetes/f1-stream/files/static/js/streams.js b/modules/kubernetes/f1-stream/files/static/js/streams.js
index a9cea4ce..21b634f4 100644
--- a/modules/kubernetes/f1-stream/files/static/js/streams.js
+++ b/modules/kubernetes/f1-stream/files/static/js/streams.js
@@ -362,10 +362,11 @@ function openBrowserSession(streamId, streamTitle, streamURL) {
   // Remove any existing iframe
   contentEl.querySelectorAll('.browser-iframe').forEach(el => el.remove());
 
-  // Create iframe
+  // Create iframe with sandbox to prevent frame-busting and top-navigation
   const iframe = document.createElement('iframe');
   iframe.src = proxyURL;
   iframe.className = 'browser-iframe';
+  iframe.setAttribute('sandbox', 'allow-scripts allow-same-origin allow-forms allow-popups allow-popups-to-escape-sandbox allow-presentation');
   iframe.setAttribute('allowfullscreen', '');
   iframe.onload = function() {
     loader.classList.add('hidden');
diff --git a/modules/kubernetes/f1-stream/main.tf b/modules/kubernetes/f1-stream/main.tf
index 4e6657ea..62dd68e2 100644
--- a/modules/kubernetes/f1-stream/main.tf
+++ b/modules/kubernetes/f1-stream/main.tf
@@ -37,7 +37,7 @@ resource "kubernetes_deployment" "f1-stream" {
       }
       spec {
         container {
-          image = "viktorbarzin/f1-stream:v1.2.3"
+          image = "viktorbarzin/f1-stream:v1.2.4"
           name  = "f1-stream"
           resources {
             limits = {