Copy link to clipboard
Copied
I have been using the API and providing a URL and not having any problems but when I switch to using the promise I am getting an error back in the console and the file doesn't load. It looks as if the error is in the viewer.js
I get the error:
"Refused to execute inline event handler because it violates the following Content Security Policy directive: "script-src 'self' use.typekit.net assets.adobedtm.com www.adobe.com/marketingtech/ prod.adobeccstatic.com/utilnav/ widget.uservoice.com by2.uservoice.com/t2/ assets.adobe.com api.demandbase.com/api/v2/ip.json commerce.adobe.com". Either the 'unsafe-inline' keyword, a hash ('sha256-...'), or a nonce ('nonce-...') is required to enable inline execution. Note that hashes do not apply to event handlers, style attributes and javascript: navigations unless the 'unsafe-hashes' keyword is present."
Is there something I need to add to my CSP Header to prevent this?
To reproduce the error here's what I am doing using I am using https://documentservices.adobe.com/view-sdk/viewer.js
var adobeDCView = new AdobeDC.View({
clientId: {clientId},
divId: "adobe-dc-view",
});
adobeDCView.previewFile({
content: {
promise: readFile(buffer),
},
metaData: {
fileName: "FileName"
}
}, {});
}
Any help would be greatly appreciated.
Copy link to clipboard
Copied
Hi @DeanWa, did you manage to fix this issue?