Closed Bug 1663843 Opened 4 years ago Closed 4 years ago

"Content Copying" Document Restriction is not effective

Categories

(Firefox :: PDF Viewer, defect)

Product:
Firefox
Component:
PDF Viewer
Type:
defect

Tracking

()

Status:
RESOLVED DUPLICATE of bug 792816

People

(Reporter: t.matsuu, Unassigned)

References

(
URL
)

Details

I haven't fully tested all document restrictions, but the "content copy" restriction doesn't work in pdf.js.

Step to Reproduce:

  1. Generate a PDF file which has "Content Copy: Disallowed" document restriction
  2. Open the PDF file in Firefox
  3. Select text and then Copy and Paste

Actual Result:
The selected text is copied and pasted.

Expected Result:
Text cannot be copied.

Those Document Security restrictions are ignored by default.

If you, the user, want to respect some permissions (like not being able to copy), you can toggle this preference in about:config from false to true:

pdfjs.enablePermissions

After toggling the preference, reload any open PDF to see the change.

Example: https://www.jeffersonscher.com/res/protected.pdf

This also can be set by Enterprise Policy if you want to enforce that within your organization. See: bug 792816

(In reply to jscher2000 from comment #1)

Those Document Security restrictions are ignored by default.

Oh, it breaks a trusting relationship with PDF creators.
This choice may lead all Firefox users blocked from their websites.

pdfjs.enablePermissions should set to true and be non-configurable from users.

Status: NEW → RESOLVED
Closed: 4 years ago
Resolution: --- → DUPLICATE

(In reply to Takanori MATSUURA from comment #2)

(In reply to jscher2000 from comment #1)

Those Document Security restrictions are ignored by default.

Oh, it breaks a trusting relationship with PDF creators.
This choice may lead all Firefox users blocked from their websites.

pdfjs.enablePermissions should set to true and be non-configurable from users.

I think it was decided a long time ago not to enforce the restrictions by default. I don't know whether it has affected whether sites allow Firefox users to view PDFs. I notice some sites use their own custom viewer to better control the experience. Perhaps that is a partial response, or perhaps sites accept that these flags are enforced on an honor system and are not any kind of real security.

You need to log in before you can comment on or make changes to this bug.