InformAction Forums

From FF 88 release notes -

https://www.mozilla.org/en-US/firefox/88.0beta/releasenotes/ wrote:We keep on working on improving our PDF forms support and now support JavaScript embedded in PDF files (some PDF forms use JavaScript for validation and other interactive features).

Does NoScript control this JS or will it be able to?

Test & see, https://www.pdfscripting.com/public/Fre ... lendar.pdf.

(You would hope, that FF would provide a pref to control that behavior?
After all, JavaScript is safe .)

Bad news: NoScript has no control of what happens inside PDF.js-handled pages.
Good news: you can disable JavaScript by turning the pdfjs.enablescripting about:config preference to false. Firefox will be also so kind to tell you if this breaks some feature of the current document and offer an external viewer.

Thanks for the replies.

@therube I see the pdfjs.enableScripting pref in FF 87, so I tried toggling that to true and testing that PDF, but couldn't get the script to work?

@Giorgio Can NoScript tell whether a page it can't control is pdf.js? If so, should the NoScript popup on FF 88+ recommend setting that pref when opened on a pdf.js page?

barbaz wrote: ↑Mon Apr 12, 2021 5:24 pm @therube I see the pdfjs.enableScripting pref in FF 87, so I tried toggling that to true and testing that PDF, but couldn't get the script to work?

That one didn't work for me either, but this one pops up a JS alert as soon as you hit the submit button.

barbaz wrote: ↑Mon Apr 12, 2021 5:24 pm @Giorgio Can NoScript tell whether a page it can't control is pdf.js? If so, should the NoScript popup on FF 88+ recommend setting that pref when opened on a pdf.js page?

Need to check, but if it's possible I think it's a good idea.