Good Afternoon, all my application integrates with Opentext Content Server (OTCS) REST API. One of the use case is my application will call the OTCS REST API to download the file content (binary content). The file content is then converted into Base64 Content and stored in a variable, Base64Content

This variable is used the src attribute of iframe for the display of .txt files/ .pdf files. The formats of my src are the following:

• For .txt files, src = "data: text/plain," +  Base64Content
• For .pdf files, src = "data: application/pdf;base64," +  Base64Content

After applying Content Security Policies through Service Center, I am unable to display the file content on my iframe and have the folowing error messages:

1. Refuse to frame because it violates the Content Security Policy directive: "frame-src 'self' gap"
2. Content Security Policy delivered via a meta element may not contain the frame-ancestors directive
3. Content Security Policy delivered via a meta element may not contain the report-uri directive

Only by disabling the Content Security Policies that  am able to display the file content on my iframe.

May I know if anyone has encountered and experienced any similar issue and knows how to resolve it?