[Webkit-unassigned] [Bug 223576] New: Safari needs csp with object-src : 'self' to render a PDF
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Mon Mar 22 08:19:42 PDT 2021
https://bugs.webkit.org/show_bug.cgi?id=223576
Bug ID: 223576
Summary: Safari needs csp with object-src : 'self' to render a
PDF
Product: WebKit
Version: Safari 14
Hardware: Unspecified
OS: Unspecified
Status: NEW
Severity: Normal
Priority: P2
Component: WebKit Misc.
Assignee: webkit-unassigned at lists.webkit.org
Reporter: alexandre.robuchon at gmail.com
Macos: 10.15.7
Safari: Version 14.0 (15610.1.28.1.9, 15610)
A pdf served with Content-Security-Policy header to "default-src 'none'; style-src 'self' 'unsafe-inline';" is not displayed in Safari. It complains about not having 'object-src' set to 'self'.
This header works fine in Chrome, Edge, Firefox ...
Is it something that will be fixed or is it the intended behavior ?
thanks.
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20210322/ac094bad/attachment.htm>
More information about the webkit-unassigned
mailing list