Content Security Policy - application/pdf?


#1

So I’m embedding a PDF from a json response into an object tag after it’s successful and I check for errors (since parameters are being passed to it to populate it)… however, I get this in my console log… how do I allow application/pdf into object-src?

[Report Only] Refused to load plugin data from ‘data:application/pdf;base64,JVBERi0xLjQKJeLjz9MKMyAwIG9iago8PC9UeXBlIC9QYWd…QxOGNmN2VhNjZhNmQ4MjBkMTg4MDg2ZjBjYzA1Pl0KPj4Kc3RhcnR4cmVmCjQ5MjUxCiUlRU9G’ because it violates the following Content Security Policy directive: “object-src pdf.maintenanceprogram.com”.

Thank you for any help!


#2

http://stackoverflow.com/questions/18447970/content-security-policy-data-not-working-for-base64-images-in-chrome-28 This got rid of my error:

'object-src': "data:"