[ tor-browser ].git.dasho

file_pdfjs_not_subject_to_csp.html (646B)

      1 <html>
      2 <head>
      3  <meta http-equiv="Content-Security-Policy" content="script-src 'self' 'nonce-allowPDF'; base-uri 'self'">
      4 </head>
      5 <body>
      6 <iframe id="pdfFrame"></iframe>
      7 <br/>
      8 <button id="pdfButton">click to load pdf</button>
      9 <script nonce="allowPDF">
     10  async function loadPDFIntoIframe() {
     11    let response = await fetch("dummy.pdf");
     12    let blob = await response.blob();
     13    var blobUrl = URL.createObjectURL(blob);
     14    var pdfFrame = document.getElementById("pdfFrame");
     15    pdfFrame.src = blobUrl;
     16  }
     17  let pdfButton = document.getElementById("pdfButton");
     18  pdfButton.addEventListener("click", loadPDFIntoIframe);
     19 </script>
     20 </body>
     21 </html>

	tor-browser The Tor Browser
	git clone https://git.dasho.dev/tor-browser.git
	Log \| Files \| Refs \| README \| LICENSE