Description
From the user perspective, it would be beneficial in some cases to let the browser display attachments (i.e. PDF files) instead of only letting the user download them. It's most important to consider the security risks here, and build a whitelist for certain file types we should allow.
Risks
- Files that can run javascript (this could be possible in PDFs) may be able to run in a trusted context if served from our domain, thus they could steal cookies/run requests with cookies/etc. The suggested mitigation is tight CSP rules, but we might also consider serving from a separate domain if possible.
Relevant issues
See discussions here:
Description
From the user perspective, it would be beneficial in some cases to let the browser display attachments (i.e. PDF files) instead of only letting the user download them. It's most important to consider the security risks here, and build a whitelist for certain file types we should allow.
Risks
Relevant issues
See discussions here: