inteligr8/alfresco-ng2-components
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-ng2-components.git synced 2025-07-24 17:32:15 +00:00
Code Issues Packages Projects Releases Wiki Activity

AAE-22443 disable insecure eval support for pdf viewer (#9780)

Browse Source
This commit is contained in:
Wojciech Duda
2024-06-06 14:26:12 +02:00
committed by GitHub
parent 00b714a57a
commit a33c1663d4
1 changed files with 4 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
lib/core/src/lib/viewer/components/pdf-viewer/pdf-viewer.component.ts
View File

@@ -181,7 +181,8 @@ export class PdfViewerComponent implements OnChanges, OnDestroy {
const pdfOptions = {
...this.pdfjsDefaultOptions,
data: reader.result,
withCredentials: this.appConfigService.get<boolean>('auth.withCredentials', undefined)
withCredentials: this.appConfigService.get<boolean>('auth.withCredentials', undefined),
isEvalSupported: false
};
this.executePdf(pdfOptions);
};
@@ -193,7 +194,8 @@ export class PdfViewerComponent implements OnChanges, OnDestroy {
const pdfOptions: any = {
...this.pdfjsDefaultOptions,
url: urlFile.currentValue,
withCredentials: this.appConfigService.get<boolean>('auth.withCredentials', undefined)
withCredentials: this.appConfigService.get<boolean>('auth.withCredentials', undefined),
isEvalSupported: false
};
if (this.cacheType) {
pdfOptions.httpHeaders = {