These forums are now Read Only. If you have an Acrobat question, ask questions and get help from one of our experts.

Privileged Javascript

Forum Index > JavaScript > Privileged Javascript
2008-08-16 21:39:40
GD
Registered: Aug 16 2008
Posts: 12

Hello,

I'm new to Acrobat javascript scripting, and I'm wondering out what can be achieved using what is called in Adobe Reader "highly privileged javascript".

Actually, I have created a certified pdf document, for which I have enable trustfullness into the Adobe Reader configuration (in the Manage trusted entities menu).
In this menu, there is a checkbox which allows privileged JS execution for the mentioned certificate.

Nevertheless, as I'm experimenting a few functions, it seems to me that nearly nothing could be achieved at a document level.
Looking at the JS API, almost every interesting functions require to be executed from a console event, or from a javascripts folder.

In the end, it feels like I can do nothing more with a high privilege ranking than with classic execution rights...

So I would like to know what can be concretely achieved from a js-allowed-trusted-certified-pdf in the free Adobe Reader at a document level.
Is it possible to do some file saving operations? some file importing? Can it be possible to connect to web services?

Thanks

Top
2008-08-16 23:56:45
#1
George_Johnson
Expert
Registered: Jul 6 2008
Posts: 1876
Some JavaScript methods are restricted for security reasons, regardless of the type of viewer (Reader, Standard, Pro). These restrictions can be avoided by using certified documents, trusted functions, and certain user preference settings.

Reader has certain limitations because Adobe has decided not to allow Reader to do certain things (like saving, commenting. etc.) Some of these restricted methods can be enabled in Reader by granting usage rights to the document. Acrobat (8, 9) can be used to grant some usage rights (like saving), and Adobe's LiveCycle Reader Extensions product can be used to grant much more.

So, to get restricted JavaScript methods working in Reader, it may take increasing privilege context, granting usage rights, or both. In the Acrobat JavaScript reference, check out the Quick Bar above each method to give you an idea what's required.

George
Top
2008-08-17 07:25:00
#2
GD
Registered: Aug 16 2008
Posts: 12
Hum ok,
However when I'm looking at functions whose quickbar are marked with a red S (so functions which can only be executed in privileged context), there is systematically the following note :
"This method can only be executed during a batch or console event."

This notice seems to be on every red S - marked functions.
Does it mean those functions cannot be executed from a JavaScript in the document?
My feeling is that if a function has to be written explicitely by the client in its JS console, or copied into a file before opening Reader, it sounds merely unusable.
As soon as I allowed privileges to a certified document, I supposed things would become easier, wouldn't they?

By the way, if I get to use a LiveCycle server to grant rights to some documents, will these documents be granted properly on a standard Adobe Reader installation, with nothing additional installed on the client side?

Thanks,

Guillaume

PS : Currently I'm using Acrobat Pro 9 Extended to forge PDF documents, and they are intended to be viewed with Acrobat Reader.
Top
2008-08-17 07:57:20
#3
George_Johnson
Expert
Registered: Jul 6 2008
Posts: 1876
> Does it mean those functions cannot be executed from a
> JavaScript in the document?Sort of. In the case of privileged functions, they are placed in JavaScript files located in the application or user JavaScript folder. This privileged code can then be called from a document action (button, link, etc.)

> My feeling is that if a function has to be...copied into a file
> before opening Reader, it sounds merely unusable.It depends. In a business environment this is just fine. The administrator sets things up for the users and everything is fine.

> As soon as I allowed privileges to a certified document, I supposed
> things would become easier, wouldn't they?Yes, that's the idea.

> if I get to use a LiveCycle server to grant rights to some
> documents, will these documents be granted properly on
> a standard Adobe Reader installation, with nothing additional
> installed on the client side?Yes.


George
Top
2008-08-17 08:33:16
#4
GD
Registered: Aug 16 2008
Posts: 12
Ah I think I start getting it, is the following scenario correct?

So let's assume I have a set of users, and a set of privileged functions which could be called.
For each user, I declare some functions which use those privileged functions, and place them in a script into the Javascripts folder.

Afterwards, those defined functions could be called from a document which has been certified and granted with high privileged Javascript.
And if I need to call them from a non-privileged context, they must be wrapped into a trustedFunction method.

Did I get it?

In a nutshell, if I call a function declared in a JS folder from a PDF document, will it be considered as a call from a JS folder, or will I still get some security errors?

Guillaume
Top
2008-08-17 08:53:34
#5
George_Johnson
Expert
Registered: Jul 6 2008
Posts: 1876
> Afterwards, those defined functions could be called from a
> document which has been certified and granted with high
> privileged Javascript.No. If you place the trusted functions in a JavaScript folder file, there is no need to have a certified document.

If you place the code in a certfied document, there is not need for a JavaScript folder file.

So it's one or the other, but not both.

> if I call a function declared in a JS folder from a PDF document, will it
> be considered as a call from a JS folder, or will I still get some
> security errors?You should not get errors if you've set up the trusted functions properly and Reader supports the method.

You might want to go ahead and do a test and report back if you encounter any problems.

George
Top