we use following code to show a PDF in Browser (here is chrome used)
Response.AddHeader("Content-Disposition", "inline");
var file = GetDocument(document.Path);
return File(file?.Content, file?.Extension);
But it shows me only the base64 code in Browser, when i delete the CSP Tag in config it works correctly. Hope someone can help. Thx a lot
I have try many things in the Security Policy (in web.config) but nothing work still showing this-> enter image description here
This is the full string in config->
<add name="Content-Security-Policy" value="plugin-types application/pdf; default-src * data: blob: filesystem: data: blob: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; child-src 'self' data: gap: ; connect-src * data: blob: 'unsafe-inline'; object-src * data: blob: 'inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: webdesigner28: ;style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; frame-ancestors 'none'; "/>
