Render PDF in visualizer

Hi @john-paul,

When I saw this, it really intrigued me, so I dove in…

From my current testing, it doesnt seem to be possible give then way I was doing it (refer below)

<object data="data:application/pdf;base64,base64_data_goes_here></object>

  • you can also do <embed> or <iframe>

The problem I found was this:

Refused to frame '' because it violates the following Content Security Policy directive: "frame-src 'none'".

Refused to load plugin data from 'data:application/pdf;base64,base64_data_here' because it violates the following Content Security Policy directive: "object-src 'none'".

So Snooping around the html that Postman preloads, I found this:

<meta http-equiv="Content-Security-Policy" content="default-src 'none'; script-src http: https: 'unsafe-inline'; style-src http: https: 'unsafe-inline' ; img-src http: https: data:; font-src http: https:; connect-src http: https:; media-src http: https:; object-src 'none'; child-src 'none'; frame-src 'none'">

This is what its complaining about. So if I removed a buncha these tags (defaulf-src, object-src, frame-src), I was able to get a pdf to render! In chrome that is…

But, when sending a request, a new html file is made every time in the temp directory, so there is no way I can get around the auto generated html they have.

However, I should say that the HTML they have in there is regarded as best practice, so nothing bad on their end :smile:.

I havent tried javascript libraries (like pdf.js), but I forsee similar issues happening, but I cant confirm that.

I’d say you make this a feature request here #feature-requests.

Hope this helps! (I was secretly hoping I could get this to work)

Orest

3 Likes