23028 Commits

Author SHA1 Message Date
Tim van der Meij
4d3b747a17
Merge pull request #21518 from mozilla/dependabot/github_actions/actions/checkout-7.0.0
Bump actions/checkout from 6.0.3 to 7.0.0
2026-06-30 20:09:55 +02:00
Tim van der Meij
9d4f06129c
Merge pull request #21516 from mozilla/dependabot/github_actions/actions/setup-python-6.3.0
Bump actions/setup-python from 6.2.0 to 6.3.0
2026-06-30 20:08:22 +02:00
calixteman
2578f6bff6
Merge pull request #21247 from beurdouche/master
Digital Signature and Certificate verification
2026-06-30 18:36:10 +02:00
dependabot[bot]
bb9c4af462
Bump actions/checkout from 6.0.3 to 7.0.0
Bumps [actions/checkout](https://github.com/actions/checkout) from 6.0.3 to 7.0.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](df4cb1c069...9c091bb21b)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: 7.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-06-30 12:16:46 +00:00
dependabot[bot]
6b0777d55f
Bump actions/setup-python from 6.2.0 to 6.3.0
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 6.2.0 to 6.3.0.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](a309ff8b42...ece7cb06ca)

---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-version: 6.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-06-30 12:16:16 +00:00
Benjamin Beurdouche
07b1c625e1 Add Digital signature properties verification panel
Adds a new "Digital signature properties" doorhanger to the pdf.js
toolbar that lists every digital signature found in the opened PDF,
verifies each one (via NSS in the Firefox build through a new chrome
bridge), and shows per-signature status + certificate state.

The viewer side parses /Sig dicts in the worker
(`PDFDocument.signatures`), strict-validates the /ByteRange offsets
before slicing, and ships only signature metadata across the worker
boundary. The PKCS#7 blob and signed-data byte spans live in a
worker-side map and are fetched lazily one signature at a time via
a new `getSignatureData(id)` RPC, immediately before verification
runs, so the bytes never sit in main-thread memory for the
document's lifetime.

The panel is feature-gated by `pdfjs.enableSignatureVerification`
(true in MOZCENTRAL/TESTING, off by default in the GENERIC build).
External services expose a `createSignatureVerifier()` factory that
the Firefox build wires up to `nsIX509CertDB.asyncVerifyPKCS7Object`;
GENERIC builds return null and the toolbar button stays hidden.

UI summary:
- Toolbar button states: loading dots while in flight, then green
  check, orange `!`, or red `✕` based on the worst aggregate
  signature status.
- Doorhanger contains a banner summarising the document state, then
  one card per signature with status row + certificate row (sub-
  signatures nested under their outer revision via /ByteRange
  containment).
- Icons are mono SVGs themed via `mask-image` + `background-color`
  so they pick up light/dark/HCM via `--sig-icon-*` vars; flipped
  under RTL via `scaleX(var(--dir-factor))`. The HCM mapping reuses
  the alt-text vocabulary (ButtonFace / ButtonText / ButtonBorder /
  GrayText / AccentColor / LinkText) so this panel reads the same
  as the rest of the editor toolbar in high-contrast mode.
- All visible strings are localized via Fluent
  (`pdfjs-digital-signature-properties-*`); status row, banner, and
  certificate row use explicit lookup tables instead of generated
  ids so a grep finds them.
- Esc + outside-click close the panel through the viewer's existing
  handlers; the manager exposes `isOpen`, `close()`, and
  `shouldCloseOnClick(target)` for that.

This commit also adds a `test/pdfs/sig_corpus/` directory holding a
Python generator that produces a corpus of signed PDFs covering
every visible state of the doorhanger (verified / untrusted /
expired / invalid / unknown / multi-signature variants). The corpus
is intentionally NOT part of the automated test suite — it is a
manual-test tool. Generated `.pdf` files are gitignored; only the
generator, README, and a `user.js.example` snippet are tracked.
The generator shells out to mozilla-central's
`security/manager/tools/pycms.py` (resolved via `--mozilla-central
<path>` or the `MOZILLA_CENTRAL_SRC` env var) and the embedded test
trust anchors (`pdf-sign-ca` / `pdf-sign-ca-expired`), gated by
`security.pdf_signature_verification.enable_test_trust_anchors` so
the test certificates never validate in shipping Firefox.
2026-06-30 13:25:09 +02:00
calixteman
25eae30e4e
Merge pull request #21513 from calixteman/bug2051221
Remove the BOM from html files (bug 2051221)
2026-06-29 22:21:29 +02:00
calixteman
649fb9c970
Merge pull request #21501 from calixteman/sound
Add support for Sound annotations playing embedded audio
2026-06-29 13:21:08 +02:00
Calixte Denizet
3ccc3ec65c Add support for Sound annotations playing embedded audio
Wrap uncompressed PCM sound streams (Raw/Signed, 8/16-bit, mono/stereo)
in WAV and play them through the shared media overlay.
2026-06-29 12:30:48 +02:00
Calixte Denizet
d142fd2451 Remove the BOM from html files (bug 2051221)
Add add a linter in order to avoid future regressions.
2026-06-29 11:20:34 +02:00
calixteman
1651e57e61
Merge pull request #21507 from calixteman/publish-coverage-index
Add a workflow to publish the per-test coverage index
2026-06-29 11:15:38 +02:00
Calixte Denizet
e4846726ee Add a workflow to publish the per-test coverage index
This index is useful to know what are the tests hitting a specific part of the code.
The next step is to update coverage_search in order to use it instead of having to create
a local one.
2026-06-29 10:07:06 +02:00
Tim van der Meij
f2f3a7fdce
Merge pull request #21510 from timvandermeij/bump
Bump the stable version in `pdfjs.config`
2026-06-27 18:36:56 +02:00
Tim van der Meij
a20c46eca0
Bump the stable version in pdfjs.config 2026-06-27 18:33:07 +02:00
Tim van der Meij
6353acefe5
Merge pull request #21508 from Snuffleupagus/optional-chaining-not-length
Use more optional chaining in the `src/` and `web/` folders
v6.1.200
2026-06-27 13:51:54 +02:00
Jonas Jenwald
b7b3a4c454 Use more optional chaining in the src/ and web/ folders
There's a few spots where we check if something is either undefined or if its length is zero, which can be simplified by instead using optional chaining.
2026-06-27 12:20:36 +02:00
Tim van der Meij
8bdd159699
Merge pull request #21505 from Snuffleupagus/StructTreeRoot-rm-init
Inline the `init` method in the `StructTreeRoot` constructor
2026-06-26 20:14:46 +02:00
Tim van der Meij
195226e3a6
Merge pull request #21500 from calixteman/bug2050191
Disable selection rendering when backdrop-filter is unsupported (bug 2050191)
2026-06-26 20:12:48 +02:00
Tim van der Meij
d8526132f5
Merge pull request #21487 from calixteman/issue17333
Render non-empty glyph 0 for char code 0
2026-06-26 20:08:51 +02:00
Jonas Jenwald
82324408cd Inline the init method in the StructTreeRoot constructor
Currently the constructor only set various class fields and the class instance thus needs to be "manually" initialized, which seems unnecessary.
Given how short/simple the `init` and `readRoleMap` methods are we can just inline their code in the constructor, thus simplifying the code overall.
2026-06-26 14:19:35 +02:00
calixteman
86ffd68c05
Merge pull request #21504 from nicolo-ribaudo/move-selection-styles
Move SVG text selection styles to pdf_viewer.css (bug 2049302)
2026-06-26 10:14:51 +02:00
Nicolò Ribaudo
5d81fe5098
Move SVG text selection styles to pdf_viewer.css
draw_layer_builder.css, which originally included these styles, is not
loaded in GECKOVIEW. This is because it also includes all the styles
related to highlights and drawing, which are only supported in the main
viewer.

The new SVG-based highlights are also used in GECKOVIEW, so even though
the JS logic for them lives in the DrawLayer builder, we need to move the CSS
somewhere where we know it's going to be loaded.
2026-06-25 15:55:26 +02:00
Jonas Jenwald
a1953e7c3c
Merge pull request #21502 from Snuffleupagus/issue17906-test-forms
Change `issue17906` to test "forms" rendering
2026-06-25 13:44:33 +02:00
Jonas Jenwald
beb332a245 Change issue17906 to test "forms" rendering
Looking at the coverage data the code-path added in PR 17908 isn't actually covered by tests; note 10844326c7/blob/src/core/annotation.js (L1250)
2026-06-25 11:59:57 +02:00
Jonas Jenwald
10844326c7
Merge pull request #21497 from Snuffleupagus/substring-tweaks
Tweak some `String.prototype.substring()` usage
2026-06-24 20:32:34 +02:00
Calixte Denizet
7f9c54a259 Disable selection rendering when backdrop-filter is unsupported (bug 2050191)
Selection rendering relies on the CSS backdrop-filter property, so it must
be gated on browser support for it.
2026-06-24 20:16:44 +02:00
Jonas Jenwald
eee03693a0
Merge pull request #21499 from Snuffleupagus/version-6.1
Bump library version to `6.1`
2026-06-24 19:47:37 +02:00
Jonas Jenwald
7414f6ed5a Bump library version to 6.1
See commit b168293c173b0b9befe462c0b254136cf038c3ef
2026-06-24 19:32:42 +02:00
Jonas Jenwald
5964e88be1
Merge pull request #21488 from Snuffleupagus/annotationGlobals-catalog
Include the `catalog` instance in the `annotationGlobals` data
2026-06-24 18:57:53 +02:00
Jonas Jenwald
6718c2924c Tweak some String.prototype.substring() usage
In a few spots the `indexEnd` parameter is explicitly set to the string-length, which is unnecessary since that's the default value if the parameter is omitted; note https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/String/substring#description

In the `XMLParserBase.prototype._resolveEntities` method the `substring` usage can be replaced with an updated (and cached) regular expression that directly finds numbers.
2026-06-24 18:52:46 +02:00
Jonas Jenwald
44e637a064 Remove explicit xref usage in the ScreenAnnotation.prototype.#renditionActions method
Rather than fetching "raw" dictionary-data and then manually resolving any references, we can simply use `Dict.prototype.get` and `Dict`-iteration to access the needed data *directly* instead.
2026-06-24 10:46:07 +02:00
Jonas Jenwald
15d93e1f34 Introduce a helper method, in the Annotation class, for determining the attachment fileId
This avoids duplication between the `FileAttachmentAnnotation` and `MediaAnnotation` classes, since they currently include essentially the same code for determining the attachment `fileId`.
2026-06-24 10:45:52 +02:00
Jonas Jenwald
8a2c112c20 Simplify the Annotation.prototype.setAppearance method a tiny bit
It's not necessary to check if the /AS entry exists first, and it can just be fetched directly, since in that case the existing "is stream"-check won't be true anyway.

Also, move the `appearance` field definition to the top of the class instead.
2026-06-24 10:42:38 +02:00
Jonas Jenwald
f07a106529 Include the catalog instance in the annotationGlobals data
The `FileAttachmentAnnotation` and `MediaAnnotation` code needs to (synchronously) access a `catalog` method, which leads to unnecessarily verbose code.
This can be avoided by including the `catalog` instance in the `annotationGlobals` data, which is safe since it already includes data that's fetched asynchronously from the `catalog` instance.
2026-06-24 10:42:38 +02:00
calixteman
04eeeec4a4
Merge pull request #21492 from timvandermeij/updates
Update dependencies to the most recent versions
2026-06-24 08:06:07 +02:00
calixteman
078b96229d
Render non-empty glyph 0 for char code 0
It fixes #17333.
2026-06-23 21:38:57 +02:00
calixteman
e6539f6516
Merge pull request #21490 from calixteman/screen_rendition
Add support for Screen annotations playing embedded media
2026-06-23 21:34:30 +02:00
Tim van der Meij
7a9abfb2dc
Fix vulnerability in the js-yaml dependency
This patch is generated automatically using `npm audit fix`, and
partially fixes GHSA-h67p-54hq-rp68.
2026-06-23 20:53:19 +02:00
Tim van der Meij
048331b09a
Upgrade @types/node to version 26.0.0
This is a major version bump, but the patch at
https://github.com/DefinitelyTyped/DefinitelyTyped/pull/75025
doesn't indicate any breaking changes that should impact us as it mainly
includes support for Node.js 26.
2026-06-23 20:50:02 +02:00
Tim van der Meij
56843f9b42
Upgrade eslint-plugin-unicorn to version 68.0.0
This is a major version bump, but the changelog at
https://github.com/sindresorhus/eslint-plugin-unicorn/releases/tag/v67.0.0 and
https://github.com/sindresorhus/eslint-plugin-unicorn/releases/tag/v68.0.0
doesn't indicate any breaking changes that should impact us.
2026-06-23 20:50:02 +02:00
Tim van der Meij
7818ab1b9d
Update dependencies to the most recent versions 2026-06-23 20:50:02 +02:00
Calixte Denizet
d8ea2afe47 Add support for Screen annotations playing embedded media
Screen annotations whose rendition action resolves to an embedded audio/video
file now play through the same play-button overlay as RichMedia.
Factor the shared resolution logic into a MediaAnnotation base (used by both RichMedia and Screen).

It fixes #6078 and #2787.
2026-06-23 20:48:35 +02:00
Tim van der Meij
4117b75a10
Merge pull request #21486 from Snuffleupagus/getTextContent-sink-fixes
Improve the `sink` handling in `getTextContent` for Highlight annotations (PR 20019 follow-up)
2026-06-23 20:02:34 +02:00
Jonas Jenwald
813d1949ba
Merge pull request #21491 from Snuffleupagus/readCmapTable-sort-last
Sort the mappings *last* in the `readCmapTable` function (PR 19321 follow-up)
2026-06-23 16:01:09 +02:00
Jonas Jenwald
a1acf4fc9f
Merge pull request #21489 from Snuffleupagus/editor-tools-rm-testing-reset
Remove the `AnnotationEditorUIManager` and `IdManager` test-only `reset` methods (PR 19809 follow-up)
2026-06-23 14:03:46 +02:00
Jonas Jenwald
9ca13c9a23 Sort the mappings *last* in the readCmapTable function (PR 19321 follow-up)
This improves performance of `issue19319.pdf` even more, and locally the rendering time of the second page goes from ~300 ms to ~250 ms, since we avoid sorting a bunch of duplicate entries.
2026-06-23 13:51:37 +02:00
Jonas Jenwald
09c9f7f2fe Remove the AnnotationEditorUIManager and IdManager test-only reset methods (PR 19809 follow-up)
These test-only methods became unused in PR 19809.
2026-06-23 12:09:12 +02:00
calixteman
d71fe9025d
Merge pull request #21474 from calixteman/rich_media
Add support for RichMedia annotations
2026-06-22 22:29:14 +02:00
Calixte Denizet
d537f5ba4b
Add support for RichMedia annotations
Render `/Subtype /RichMedia` annotations so embedded video and audio can
be played in the viewer.

The core layer parses the `RichMediaContent` dictionary to locate the
primary playable asset and its MIME type. The display layer overlays a
play button on the annotation's poster; clicking it swaps in a
`<video>`/`<audio>` element backed by a `blob:` URL. Presentation mode
lets events reach the media controls instead of advancing the page.

It fixes #2787.
2026-06-22 21:27:52 +02:00
Tim van der Meij
b6469341c1
Merge pull request #21485 from calixteman/bug2046659
Use AES256 for V=5 documents with a mislabeled AESV2 crypt filter (bug 2046659)
2026-06-22 20:44:48 +02:00