[Webkit-unassigned] [Bug 166630] Inline styles added by WebKit when viewing PDFs cause CSP violation
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Wed Jul 31 13:45:56 PDT 2024
https://bugs.webkit.org/show_bug.cgi?id=166630
Jim M. <wkbugzilla-jm.nj03w at simplelogin.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |wkbugzilla-jm.nj03w at simplel
| |ogin.com
--- Comment #8 from Jim M. <wkbugzilla-jm.nj03w at simplelogin.com> ---
I described this issue with posts to stack overflow.com and reddit.com over one year ago.
See
https://stackoverflow.com/questions/76077768/webkit-pdf-display-seems-to-require-csp-with-unsafe-inline-style-src
and
https://www.reddit.com/r/webdev/comments/12yt7g6/problem_with_display_of_pdfs_in_safariwebkit/
A page that displays the issue is
https://yourmacdoc.com/articles/files/That_One_Privacy_Guy's_Simple_VPN_Comparison_Chart_07-20-2019.pdf
The website server's Content Security Policy (CSP) contains “style-src 'self’;”
The page displays the .pdf in a small box while using Safari 17.5 (19617.1.12.11.6) whereas Safari Technology Preview Release 199 (Safari 18.0, WebKit 19619.1.22.5) displays the .pdf correctly. (macOS Sonoma 14.5).
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20240731/4acde8ce/attachment.htm>
More information about the webkit-unassigned
mailing list