Version 25.0.16

Full Changelog: 20.0.10...25.0.16

Version 25.0.10 - Security improvements and fixes

Release Notes - ng2-pdfjs-viewer v25.0.10

🎉 What's New

🔧 Bug Fixes

CSP Compliance (Issue #284)

• Fixed: Content Security Policy violations with inline styles
• Solution: Moved all static CSS to external stylesheet (ng2-customization.css)
• Enhancement: Added optional cspNonce parameter for customCSS input
• Impact: Viewer now works with strict CSP policies without violations

Blob/Uint8Array Loading (Issue #283)

• Fixed: TypeError when loading PDFs from Blob or Uint8Array sources
• Solution: Moved loadPdf() call to ngAfterViewInit() lifecycle hook
• Enhancement: Added proper pdfSrc change detection in ngOnChanges()
• Impact: All PDF source types (string, Blob, Uint8Array) now work correctly

LICENSE Symlink (Issue #282)

• Fixed: LICENSE file symlink causing SBOM generation issues
• Solution: GitHub Actions workflow now copies LICENSE as real file
• Impact: Package integrity improved for security scanning tools

♿ Accessibility Improvements

iframe Title (Issue #127)

• Added: iframeTitle input property for accessible iframe titles
• Default: Meaningful default title "PDF document viewer"
• Impact: Improved screen reader compatibility (WCAG 2.4.1.b compliance)

📚 Documentation Updates

Production Deployment

• Added: Nginx MIME type configuration for .mjs files
• Solution: types { application/javascript js mjs; }
• Impact: Resolves PDF viewer loading issues in production environments

Blob/Uint8Array Support

• Updated: All documentation now mentions Blob and Uint8Array support
• Added: Usage examples across README and docs-website

🎨 Theme System Improvements

Event-Driven Theme Application

• Fixed: Theme not applying when loading PDFs from Blob/Uint8Array sources
• Solution: Reset configuration queuing on pdfSrc changes
• Impact: Consistent theming across all PDF source types

🚀 Technical Improvements

Architecture Adherence

• All fixes follow v5.x event-driven architecture principles
• No polling, timeouts, or defensive programming
• Pure event-driven approach with trust-based system

CSP-Safe Implementation

• External CSS files for static styles
• CSS custom properties for dynamic values
• CSS classes for visibility toggles
• Optional nonce support for custom styles

Lifecycle Management

• Proper Angular lifecycle hook usage
• Trust-based approach for iframe readiness
• Event-driven configuration queuing

📋 API Changes

New Input Properties

// Accessibility
@Input() iframeTitle?: string; // Default: 'PDF document viewer'

// CSP Compliance  
@Input() cspNonce?: string; // Optional nonce for customCSS

Enhanced ThemeConfig Interface

interface ThemeConfig {
  // ... existing properties
  cspNonce?: string;      // Optional CSP nonce
  iframeTitle?: string;   // Optional iframe title
}

🔄 Migration Guide

No Breaking Changes

• All existing code continues to work without modification
• New properties are optional with sensible defaults
• Backward compatibility maintained

Optional Enhancements

// Add accessible iframe title
<ng2-pdfjs-viewer 
  pdfSrc="document.pdf"
  iframeTitle="User Manual - Chapter 3">
</ng2-pdfjs-viewer>

// Use with strict CSP
<ng2-pdfjs-viewer 
  pdfSrc="document.pdf"
  [customCSS]="styles"
  [cspNonce]="nonce">
</ng2-pdfjs-viewer>

🧪 Testing

New Test Cases

• Blob PDF loading in SampleApp
• Uint8Array PDF loading in SampleApp
• Theme application with different source types
• CSP compliance verification

Verified Scenarios

• ✅ String URL loading
• ✅ Blob object loading
• ✅ Uint8Array loading
• ✅ Theme consistency across source types
• ✅ CSP compliance with strict policies
• ✅ Accessibility with screen readers

📦 Production Deployment

Nginx Configuration

# Required for PDF.js v5+ ES modules
types {
    application/javascript  js mjs;
}

🔗 Related Issues

• #284: CSP Compliance - Content Security Policy violations
• #283: Blob pdfSrc TypeError - Blob/Uint8Array loading issues
• #282: LICENSE Symlink - SBOM generation problems
• #127: iframe Title - Accessibility improvements
• #276: Production Build - Nginx MIME type configuration

Version 25.x - Rewrite

This is a complete rewrite of the library!

Major Changes

• Complete Rewrite: Full library rewrite from the ground up with modern Angular patterns
• PDF.js v5.x: Upgraded to the latest PDF.js v5.3.93 for better performance and features
• Event-Driven Architecture: Pure event-based system with universal action dispatcher
• Template-Based UI: Angular templates for loading spinners and error displays
• Enhanced Security: Comprehensive security audit with production-ready status

Breaking Changes

• Theme System: New theme properties replace old styling options
• Error Handling: Template-based error system replaces HTML strings
• Spinner Handling: Template-based spinner system replaces HTML strings
• API Updates: Some methods have been updated for better consistency

Migration Help

• Migration Guide: Complete migration guide from v20.x to v25.x
• Examples: Updated examples and documentation
• Deprecation Warnings: Clear deprecation warnings for old APIs

Support & Community

• GitHub Discussions: Use GitHub Discussions to ask questions
• Issue Reporting: Report issues on GitHub Issues
• Documentation: Comprehensive documentation with examples and samples

---

Note: This is a major version with breaking changes. Please review the migration guide and test thoroughly before upgrading in production.

20.0.1

Angular v20 upgrade

Angular 19 upgrade

Updating the library and sample app to Angular 19

01/02/2024 - Image fixes

Only readme file changes

01/02/2024

Angular upgrade to 17.0.2

07/31/2023

Upgrade to angular 16.0.4
Default viewer ID
Memory leak fix

Angular upgrade to 15.0

Upgraded the library to Angular 15
Upgraded Sample app to Angular 15

Angular upgrade to 13.2.2

Upgraded to angular 13.2.2
Moving best practices for angular npm library packaging