Product Ideas

Support strict Content Security Policy (CSP) compliance in PrizmDoc Viewer

It is not currently possible to make PD Viewer fully CSP compliant.


We are able to achieve partial CSP compliance through this guide provided by Accusoft https://drive.google.com/file/d/1CUIo8Rhe5G8DgyAdaoBRjOqs6MnKl3Ep/view


This guide provides the steps to allow the script-scr 'self' policy.


Setting a CSP policy of img-src: 'self' or font-src: 'self' will fail. Currently the viewer relies on data URLs for the viewer code, including in viewercontrol.js


There should be a way to modify the viewer samples to make them fully CSP compliant.



  • Brenden Moore
  • Jan 24 2022
  • Shipped
  • Attach files
  • +2