fix(eoi): render signed-PDF preview inline (preview endpoint + font-src)

After adding frame-src the preview iframe stopped showing the broken-file
icon but went blank: it pointed at /api/v1/files/[id]/download, which
presigns with the filename so S3 returns Content-Disposition: attachment
— the browser downloaded the PDF instead of rendering it. Point the
SignedPdfPreview iframe at the existing /preview endpoint, which presigns
WITHOUT a filename (inline disposition) so the native PDF viewer renders.

Also widen font-src to include https: so react-pdf/pdf.js can load its
standard-font pack (LiberationSans*) — previously blocked by
font-src 'self' data:, breaking the pdf.js-based viewers' glyphs.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-25 14:45:34 +02:00
parent 3f6f845c02
commit 2bc2cfac6f
3 changed files with 13 additions and 5 deletions


@@ -51,7 +51,8 @@ const csp = [
`script-src 'self' 'unsafe-inline'${isProd ? '' : " 'unsafe-eval'"}${devScriptHosts}`,
"style-src 'self' 'unsafe-inline'",
"img-src 'self' data: blob: https:",
"font-src 'self' data:",
// https: so react-pdf/pdf.js can load its standard-font pack + branding fonts.
"font-src 'self' data: https:",
`connect-src 'self' ws: wss: https:${devConnectHosts}`,
// PDF previews iframe a presigned storage URL; embedded-signing iframes the
// Documenso host. Both are per-port/per-env, so allow https: (matching
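Review bot: the widened `font-src 'self' data: https:` (replacing `font-src 'self' data:`) allows fonts from every HTTPS origin, which is broader than the stated need of the pdf.js standard-font pack and branding fonts; list the specific origin(s) that serve those fonts instead, or ship the standard-font pack with the app so `'self'` covers it, and name the origins in the comment above the directive so the allowance stays reviewable.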