View the original community article here
Last tested: Jan 21, 2019
It is not.
Sandboxed iframes have an origin of `null` so any http request at all would violate the browser’s cross-origin request rules.
This content is subject to limited support.
Is the JavaScript that runs Custom Visualizations able to make http requests? (Community)
