I preserve a little site for a non-profit company. Multiple.pdfs are offered for seeing on the site.
I have actually encountered a problem with.pdf screen in the existing variation of Safari (v. 16.4) (under macOS Ventura) and have actually likewise now seen it in other WebKit internet browsers such as DuckDuckGo and Orion.
When the site server’s Material Security Policy (CSP) consists of “ style-src 'self';
” a link to open a.pdf (kept in the site’s directory site) leads to the height of the.pdf to be badly truncated to about 150 pixels.
Altering the CSP to consist of “ style-src 'self' 'unsafe-inline';
” leads to the.pdf being shown as anticipated.
Safari 15.6.1 under macOS Catalina, Firefox and Google Chrome all show the.pdf as anticipated without the addition of ' unsafe-inline'
to style-src.
Is this a brand-new WebKit bug or a purposeful modification in the application of in-browser. pdf screen?
I understand the security issues of utilizing ' unsafe-inline'
in style-src. What option is offered to prevent this.pdf screen problem that I’ve kept in mind (presuming it’s not a bug that will be repaired)?