Andreas Schamanek

I've a user using Safari 15.5 under MacOS 12.4 reporting the same issue. I see @dobunzli is using the same O/S. I myself use neither nor. But comparing the HTTP...

In the meantime I upgraded one DokuWiki instance to "Igor", and I installed the Brave browser on a Windows 10 PC. All PDFs are loading fine, but a user using...

@Klap-in not sure which headers you mean. Also, since I have no MacOS at hand I can't tell which headers are actually sent to the browser. If you referred to...

@virk Do you see any errors/messages in Safari's Web Debugger/JavaScript console or similar (Ctrl-Shift-K or F12 in Firefox)?

I removed the `Content-Security-Policy` header and asked @virk to access a test PDF for me. He said it loaded just fine. (Thanks @virk !) Edit for code details: I removed...

@tgressly you might be affected by a different bug. `$data['csp']` was [added 2020-10-14](https://github.com/splitbrain/dokuwiki/commit/6cda96e3cf806e272521e0e44b9592acb7d3b837) to `fetch.php`: https://github.com/splitbrain/dokuwiki/blob/8e8e73a7317718894743233168d39f27aec8ded2/lib/exe/fetch.php#L119 @virk Removing CSP is no solution. It was introduced for good reasons. And it...

That's good to know! I had tried `'sandbox' => "'allow-scripts'",` but a colleague told me that it did not help. (Edit: Fixed stupid copy-paste error.)

DW has an option to enforce downloads (`Content-Disposition: attachment` instead of `inline`). I wonder whether enforcing PDF downloads for MacOS Safari would be a safer option/workaround.

There are pros and cons when it comes to trust other people's/system's regex hells and heavens, cf. e.g. https://github.com/vjeantet/grok/blob/master/patterns.go For instance, on the one hand I'd be surprised if using...

Cf. * [Debian bug #853981 - apache2-bin: mod_http2 together with mod_ruid2 breaks the server](https://bugs.debian.org/853981) * [Debian Bug #866395: libapache2-mod-ruid2: Server crashes (Signal 6 aborted) with mod_ruid2 after jessie->stretch update](https://bugs.debian.org/866395)