Fix external render, make iframe render work (#35727, #35730) (#35731)

Backport #35727 and #35730 --------- Signed-off-by: wxiaoguang <wxiaoguang@gmail.com>
2025-10-27 00:23:41 +09:00 · 2025-10-23 16:07:17 +08:00
parent 0925089b5e
commit b2f2f8528a
19 changed files with 391 additions and 121 deletions
--- a/modules/httplib/serve.go
+++ b/modules/httplib/serve.go
@@ -126,6 +126,7 @@ func setServeHeadersByFile(r *http.Request, w http.ResponseWriter, mineBuf []byt
 		// no sandbox attribute for pdf as it breaks rendering in at least safari. this
 		// should generally be safe as scripts inside PDF can not escape the PDF document
 		// see https://bugs.chromium.org/p/chromium/issues/detail?id=413851 for more discussion
+		// HINT: PDF-RENDER-SANDBOX: PDF won't render in sandboxed context
 		w.Header().Set("Content-Security-Policy", "default-src 'none'; style-src 'unsafe-inline'")
 	}