Uploaded image for project: 'Atlassian Ecosystem'
  1. Atlassian Ecosystem
  2. ECO-208

Rendering PDF files with base64 using Custom UI are not rendered due to a Content Security Policy issue

XMLWordPrintable

    • Minor

      Issue Summary

      Rendering PDF files with base64 through Forge Custom UI app encounter a CSP error: 

      Refused to frame '' because it violates the following Content Security Policy directive

      Steps to Reproduce

      1. Create an app using a Forge Custom UI.
      2. On the resolver, perform a REST API to get the pdf attachment content, e.g.: 
      resolver.define('download-attachment', async (req) => {
    const apiResponse = await api
        .asUser()
        .requestJira(route`/rest/api/3/attachment/content/ID`, {
            headers: {
                'Accept': 'application/json'
            }
        });
    const bufferResponse = await apiResponse.arrayBuffer();
    const base64 = Buffer.from(bufferResponse).toString('base64')
    console.log(base64)
    return `data:application/pdf;base64,${base64}`
  });
      1. Invoke the resolver on the App.js file, and insert the base64 on the iframe and then, deploy and install the app.
      return (
    <div>
      <span>Attachment pdf file:</span>
      <div><iframe src={data}/></div>
    </div>
  );

      Expected Results

      PDF file rendered.

      Actual Results

      Refused to frame '' because it violates the following Content Security Policy directive

      Workaround

      Currently there is no known workaround for this behavior. A workaround will be added here when available

              Unassigned Unassigned
              d6427b6fb657 Guilherme Bueno (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated: