Quindi con sti pdf come si fa?!?!
così https://www.raymondcamden.com/2016/06/26/linking-to-pdfs-in-cordova-apps
____________________________
Ho cercato per un po riguardo la CONTEN SECURITY POLICY,
visto anche che l’errore che mi dava era:
Resource interpreted as Document but transferred with MIME type application/pdf: “file:///android_asset/www/assets/foo.pdf”.
plugin-types |
application/pdf |
Defines valid MIME types for plugins invoked via <object> and <embed>. To load an <applet>you must specify application/x-java-applet. |
Tutto molto interessante:
https://developers.google.com/web/fundamentals/security/csp/
https://content-security-policy.com/
CORDOVA whitelist: https://cordova.apache.org/docs/en/latest/reference/cordova-plugin-whitelist/
Attacchi basati sull XSS:
https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet
http://benvinegar.github.io/csp-talk-2013/#1