Open jlfrances opened 2 weeks ago
Your error description looks very detailed - I hope I manage to reproduce the bug. Solving it may take a while because I know very little about CSP, and the CSP documentation doesn't seem to be compatible to the way my brain works. Luckily, your Angular.dev link seems to be better. Maybe I'll finally manage to wrap my head around it!
Overview
In my Angular application, I'm setting the
Content-Security-Policy
response header using 'nonce' by a meta tag and alsoangular.json
headers section, and both work well.But when I open a dialog to load the PDF (using ngx-extended-pdf-viewer) I get errors.
What I'm thinking
It seems to me that there's no way to specify to ngx-extended-pdf-viewer what's actually the nonce value.
I saw in your docs you added a reference to this, but I think it's not enough for two reasons:
language
,theme
,showDrawEditor
, etc). Like for example in Angular they added a way to provide it (in v17).Bug
angular.json
fileVersion info
"ngx-extended-pdf-viewer": "^20.0.2"