New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 906173 link

Starred by 1 user
Status: Untriaged
Owner: ----
Cc:
mkwst@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux , Windows
Pri: 2
Type: Bug



Sign in to add a comment

Chrome fails to render PDF in new tab when opened using window.open.

Reported by collard....@gmail.com, Nov 16 
UserAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36

Example URL:
http://jsfiddle.net/anjfpxy8/1/

Steps to reproduce the problem:
1. Write a line of JS code that opens a PDF link using window.open(url, "_blank");
2. Execute window.open code. New tab is just blank.

See referenced jsfiddle.

What is the expected behavior?
The browser should render the PDF correctly similar to when the url is pasted into a new tab by the user.

What went wrong?
The new tab just shows a blank white screen. The PDF is not rendered.

Does it occur on multiple sites: Yes

Is it a problem with a plugin? N/A 

Did this work before? N/A 

Does this work in other browsers? Yes

Chrome version: 70.0.3538.102  Channel: stable
OS Version: 10.0
Flash Version: 

It appears as if links (<a href="url" target="_blank"></a>) fail as well.

Comment 1 by jstenback@chromium.org, Nov 16

Components: -Blink Internals>Plugins>PDF
Labels: OS-Linux
Confirmed using Chrome/70.0.3538.102 on Linux as well. Over to PDF for further investigation. Other pages load in the opened tab when I type a URL in the newly opened tab, but not if I type the URL of another PDF file.

Comment 2 by thestig@chromium.org, Nov 16

Status: Untriaged (was: Unconfirmed)
It's not a recent regression, at least.

Comment 3 by thestig@chromium.org, Nov 16 

This only seems to be a problem on JSFiddle. The attached standalone .html file seems to work fine. Can you confirm this is the case?
906173.html
329 bytes View Download

Comment 4 by collard....@gmail.com, Nov 17 

We found this issue in our web app, which dynamically generates PDF reports. The JSFiddle was just used to reproduce the issue with minimal setup. 

Our web app fails locally (localhost) and when deployed to the cloud. In our case the generated PDF is served up from an alternate subdomain (reports.domain.com vs app.domain.com).

Comment 5 by thestig@chromium.org, Nov 17 

Does you web app have iframes? Iframes in different domains? Can you confirm the simple case of just a static HTML file, like the one in comment 3, works?

Comment 6 by collard....@gmail.com, Nov 17 

No we don't use iframes. I found out what the issue is. 

I took your html file and hosted it in IIS. This worked fine.

Then I added the Content-Security-Policy response header with the value: 
script-src 'unsafe-inline'; sandbox allow-scripts allow-same-origin allow-popups allow-forms allow-presentation

Now it fails every time.

Comment 7 by thestig@chromium.org, Nov 17

Cc: mkwst@chromium.org
Thanks. We flushed out the real issue.

mkwst: This is bug 271452, right?

Comment 8 by collard....@gmail.com, Nov 28 

Is there a workaround or some way of getting it working with CSP?

Sign in to add a comment