public/gitea
1
0
Fork 0
mirror of https://github.com/go-gitea/gitea.git synced 2025-10-27 00:23:41 +09:00
Code Issues Packages Projects Releases Wiki Activity

Make external iframe render work (#35730)

Browse Source 
Fix #35729, #17635, #21098
This commit is contained in:
wxiaoguang
2025-10-23 16:01:38 +08:00
committed by GitHub
parent 8085c75356
commit 522c466e24
18 changed files with 294 additions and 92 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
modules/httplib/serve.go
View File

@@ -126,6 +126,7 @@ func setServeHeadersByFile(r *http.Request, w http.ResponseWriter, mineBuf []byt
// no sandbox attribute for pdf as it breaks rendering in at least safari. this
// should generally be safe as scripts inside PDF can not escape the PDF document
// see https://bugs.chromium.org/p/chromium/issues/detail?id=413851 for more discussion
// HINT: PDF-RENDER-SANDBOX: PDF won't render in sandboxed context
w.Header().Set("Content-Security-Policy", "default-src 'none'; style-src 'unsafe-inline'")
}