PDF Embed API CSP Error

Report · Oct 02, 2023

I have an angular web application, and I am using the Embed PDF API to display a dynamically generated report on a specific page, which works. The report is generated, and it is displayed on the page fine. The issue is in the Chrome developer console it displays the following CSP error.

Refused to apply inline style because it violates the following Content Security Policy directive: "style-src 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-pkLRtl3yCZkYCclFQUf2VrpHEpfMiMUVZIROBKwOG9M='), or a nonce ('nonce-...') is required to enable inline execution.

It's coming from a printHelper.html, which is something that I have no access/control over. And, according to the sources tab in the developer console, is coming from acrobatservices.adobe.com. So, I'm not sure how to fix that.

If anyone has any ideas, I would greatly appreciate it.

Report · Oct 02, 2023

I should also add that following Googles Dev Console suggestion of adding unsafe-inline has had no effect.

Report · Oct 05, 2023

This also seems to be an issue in both the demo on Adobe's website and the samples provided. I've attached screenshots to show it.

Report · Oct 05, 2023

I can confirm this, but it doesn't seem to be impacting anything, does it? I tried the print command, and from the preview, it looked ok. I'll report it, but it does seem like it's not impacting much at the moment.

Report · Oct 06, 2023

No, it does not, admittedly. The PDF still displays, prints, and downloads. It's just we would prefer to have no errors. But as long as it has been reported, looked at, and hopefully fixed that's good enough. Thank you.

Report · Oct 06, 2023

I've been tracking multiple PDF Embed issues this past few weeks - so it's possible it's all related.

PDF Embed API CSP Error

1 Correct answer