Get help on Discord

Safari blocks PDF from Sanity CDN but not from other hosts

8 replies
Last updated: Jan 28, 2026
Hey, I am hosting a pdf on sanity and put it in a link on a webpage, recently I discovered that in safari it shows 
Blocked plug-in
when clicking the link. This behavior is new to me and I do not have it with other pdf links. Does anyone have an idea why this is and what how to solve it? It is not just on my safari browser but as well on the one of my aunt (she’s the owner of the webpage I build and it already runs for almost 2 years now)
here is the part of my code:


{/*This was a test link where which works fine for me*/}
<a href="<https://blog.bernina.com/de/wp-content/uploads/sites/2/2016/07/Schnittmuster-A-kleid.pdf>" target="_blank" rel="noopener">Schnittmuster A-Kleid</a>
{/*This gives me the blocked plugin problem: */}
<a href="<https://cdn.sanity.io/files/m29pqcus/staging/d103fbd4191583b07c87301e18e1afd954e62348.pdf>" target="_blank" rel="noopener">Aktuelle Verhaltensregeln / HygienemaĂźnahmen.</a>
AI Update

This is a Safari-specific security issue that's become more common with recent Safari updates. The "Blocked plug-in" error happens when Safari's security policies prevent certain content from loading, particularly PDFs served from CDNs with specific headers.

The most likely solution:

Based on the Sanity file field documentation, you can try adding a ?dl parameter to your PDF URL. According to Sanity's documentation, this parameter can be used with file assets to control download behavior:

<a 
  href="https://cdn.sanity.io/files/m29pqcus/staging/d103fbd4191583b07c87301e18e1afd954e62348.pdf?dl"
  rel="noopener"
>
  Aktuelle Verhaltensregeln / HygienemaĂźnahmen.
</a>

This forces the file to download rather than trying to open inline, which may bypass Safari's plugin blocking. Note that I removed target="_blank" since forcing a download doesn't need a new tab.

Why this is happening now:

Safari has become increasingly strict with security policies over the past couple of years. Since your site has been running for 2 years without issues, it's very likely that a Safari update changed how it handles PDFs from certain CDNs. Safari's Enhanced Tracking Prevention and plugin security features have been particularly aggressive with cross-origin content.

The key difference is that your working Bernina link is likely served with different HTTP headers that Safari trusts, or it's being served from the same origin as the page itself.

Additional debugging steps:

If the ?dl parameter doesn't work, you can investigate the HTTP headers to understand what Safari is seeing:

  1. Open Safari Developer Tools (Safari → Develop → Show Web Inspector)
  2. Go to the Network tab
  3. Click your PDF link and watch the request
  4. Compare the Response Headers between the working Bernina link and your Sanity link
  5. Look specifically at Content-Type, Content-Disposition, and X-Content-Type-Options headers

If Safari continues blocking it, the issue might be related to CORS policies or how Safari interprets security headers from cdn.sanity.io. In that case, you might consider re-uploading the PDF to see if that refreshes any cached metadata, or contact Sanity support if it's a broader CDN header configuration issue.

Show original thread
8 replies

Sanity – Build the way you think, not the way your CMS thinks

Sanity is the developer-first content operating system that gives you complete control. Schema-as-code, GROQ queries, and real-time APIs mean no more workarounds or waiting for deployments. Free to start, scale as you grow.

Get started for freeExplore the demo

Was this answer helpful?