I am a developer behind the application Customs Buddy. This application helps merchants to generate commercial invoices based on their orders. After an invoice is generated - Merchant can download it as PDF.
But I am facing one limitation. I am not able to trigger a download of a PDF file with <a href="blob://" dowload>Download</a>. This happens due to a Content-Security-Policy setting, which arrives when URL "[store].myshopify.com/admin/apps/commercial-invoice-staging" is requested.
My question (ask) is if this is possible to either:
In my opinion, application developers will only benefit from such change and I do not see any potential security issues that this change can cause.
(as a current workaround, I have to open pdf in a new tab, where the merchant has to download it via browser PDF viewer, unfortunately not the best user experience)
Thanks a lot,
Hello Shevchenko, I am currently facing the same error on a Shopify Aplication, were you able to fix or did you find any other solution?
Thanks in advance!
Hi, still using a workaround. This issue has to be pushed further to Shopify developers, but I do not have time to do it now.