diff options
author | Daniel Calviño Sánchez <danxuliu@gmail.com> | 2021-01-28 15:32:42 +0300 |
---|---|---|
committer | Daniel Calviño Sánchez <danxuliu@gmail.com> | 2021-01-28 16:01:10 +0300 |
commit | cf41c802ab3f4b6ec15656d28ad86a8a33906c1e (patch) | |
tree | 9f0940c72e4e2f2cbfa73de4c664b480d8a14176 /lib | |
parent | 6c4a18e53a59178f5aee0678832962a3ce088103 (diff) |
Fix PDF viewer failing on Edge (not based on Chromium)
Since version v2.4.456 the PDF.js library is published as two different
packages, a non-translated/non-polyfilled build for modern browsers and
an ES5 compatible build for older browsers.
The PDF viewer was using the build for modern browsers, so it did not
work, for example, on Edge (the original version not based on Chromium).
This has been changed to use the ES5 build instead for maximum
compatibility.
Unfortunately, the ES5 build requires allowing "unsafe-eval" in the
iframe where the PDF.js library is loaded.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
Diffstat (limited to 'lib')
-rw-r--r-- | lib/Controller/DisplayController.php | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/lib/Controller/DisplayController.php b/lib/Controller/DisplayController.php index 9878fce..fcba596 100644 --- a/lib/Controller/DisplayController.php +++ b/lib/Controller/DisplayController.php @@ -68,7 +68,8 @@ class DisplayController extends Controller { $policy->addAllowedChildSrcDomain('\'self\''); $policy->addAllowedFontDomain('data:'); $policy->addAllowedImageDomain('*'); - $policy->allowEvalScript(false); + // Needed for the ES5 compatible build of PDF.js + $policy->allowEvalScript(true); $response->setContentSecurityPolicy($policy); return $response; |