23064 Commits

Author SHA1 Message Date
Jonas Jenwald
be90aa4f46 Use the MathClamp helper in the PDFImage.prototype.getComponents method 2026-07-04 13:23:37 +02:00
Tim van der Meij
5b100c4509
Merge pull request #21525 from calixteman/20504_skia_followup
Apply the appearance-stream scale factor when text is shown, not on setFont
2026-07-03 20:17:53 +02:00
Tim van der Meij
cca78c1d32
Merge pull request #21475 from nicolo-ribaudo/babel-8
Update to Babel 8
2026-07-03 20:14:36 +02:00
Tim van der Meij
32f3906960
Merge pull request #21533 from Snuffleupagus/SignaturePropertiesManager-#bannerState
Move the `bannerStateForResults` helper into the `SignaturePropertiesManager` class (PR 21247 follow-up)
2026-07-03 20:13:58 +02:00
Tim van der Meij
e414f74375
Merge pull request #21534 from Snuffleupagus/addPasteButton-#getPageL10nArgs
Use the `#getPageL10nArgs` helper in the `PDFThumbnailView.prototype.addPasteButton` method
2026-07-03 20:11:49 +02:00
Tim van der Meij
70c52132af
Merge pull request #21514 from nicolo-ribaudo/remove-selection-conflict-chrome
Avoid text selection workaround in modern Chromium
2026-07-03 20:10:28 +02:00
Jonas Jenwald
0c076f5f0b Use the #getPageL10nArgs helper in the PDFThumbnailView.prototype.addPasteButton method
Rather than effectively duplicating code, we can re-use the existing helper here as well.
2026-07-03 16:18:25 +02:00
Jonas Jenwald
14f4cce29d Move the bannerStateForResults helper into the SignaturePropertiesManager class (PR 21247 follow-up)
This has a couple of advantages:
 - It allows accessing and iterating `this.#results` directly, without having to (needlessly) create a temporary array.

 - By moving the "worst status" computation into its own getter, it can be re-used from the `#updateButtonState` method as well which reduces code duplication.
2026-07-03 12:41:15 +02:00
calixteman
0cc1718b02
Merge pull request #21527 from Snuffleupagus/issue-21523
Add basic support for non-embedded TrebuchetMS fonts (issue 21523)
2026-07-03 10:21:11 +02:00
calixteman
ab90210aa4
Merge pull request #21531 from Snuffleupagus/PDFThumbnailViewer-#updateStatus-isCopy
Reduce duplication when updating undoButton/undoCloseButton in `PDFThumbnailViewer.prototype.#updateStatus`
2026-07-03 08:14:23 +02:00
calixteman
44ae5b0e9a
Merge pull request #21529 from Snuffleupagus/SignaturePropertiesManager-geckoview
[GeckoView] Add `web-digital_signature_properties_manager` import map (PR 21247 follow-up)
2026-07-03 08:13:08 +02:00
calixteman
394a08f8b0
Merge pull request #21532 from mozilla/update-locales
l10n: Update locale files
2026-07-03 08:12:10 +02:00
calixteman
4952e4d5eb
Merge pull request #21530 from beurdouche/dedupe-signature-properties-warn-icon
Deduplicate the signature-properties warn/error toolbar icon
2026-07-03 08:11:56 +02:00
github-actions[bot]
95604a3401 l10n: Update locale files 2026-07-03 00:42:56 +00:00
Jonas Jenwald
f373fbfa5b Reduce duplication when updating undoButton/undoCloseButton in PDFThumbnailViewer.prototype.#updateStatus 2026-07-03 00:03:17 +02:00
Benjamin Beurdouche
34629bd2cf Deduplicate the signature-properties warn/error toolbar icon
The warn and error state badges shipped as byte-identical files (an
X-in-circle glyph). Drop the redundant
toolbarButton-signaturePropertiesWarn.svg and point the warn state at
the error icon instead; the amber-vs-red distinction is preserved via
background-color (--sig-icon-warn vs --sig-icon-error), not the glyph.
2026-07-02 23:00:08 +02:00
Jonas Jenwald
12691fdf50 Remove unnecessary class-field resetting in SignaturePropertiesManager.prototype.setDocument (PR 21247 follow-up)
This corresponds to the initial values of these fields, and they were *already* reset when a (previous) PDF document was closed.
2026-07-02 19:44:35 +02:00
Jonas Jenwald
a1f1a56080 [GeckoView] Add web-digital_signature_properties_manager import map (PR 21247 follow-up)
Currently the GeckoView development viewer, i.e. http://localhost:8888/web/viewer-geckoview.html, is completely broken with the following error:
```
Uncaught TypeError: The specifier “web-digital_signature_properties_manager” was a bare specifier, but was not remapped to anything. Relative module specifiers must start with “./”, “../” or “/”. app.js:97:44
```
2026-07-02 19:44:28 +02:00
calixteman
a0061817e6
Merge pull request #21528 from calixteman/serialize-pages-deploy
Serialize GitHub Pages deployments to avoid concurrent deploy failures
2026-07-02 18:54:29 +02:00
Calixte Denizet
6f2dcd3955 Serialize GitHub Pages deployments to avoid concurrent deploy failures 2026-07-02 18:48:09 +02:00
Jonas Jenwald
f7a4abf9a7
Merge pull request #21524 from Snuffleupagus/SignaturePropertiesManager-setDocument
A couple of `SignaturePropertiesManager` improvements (PR 21247 follow-up)
2026-07-02 18:29:17 +02:00
calixteman
d5dafc3fb3
Merge pull request #21522 from spokodev/w32/pdfjs-escapepdfname
Fix escapePDFName producing malformed name escapes for control characters
2026-07-02 18:11:21 +02:00
Jonas Jenwald
15969fbe19 Add basic support for non-embedded TrebuchetMS fonts (issue 21523) 2026-07-02 15:13:01 +02:00
Calixte Denizet
d9999dcedd Apply the appearance-stream scale factor when text is shown, not on setFont
The font size (Tf) and the text matrix (Tm) can appear in any order in an
appearance stream. Applying the scale factor eagerly in setFont missed the
case where Tf precedes Tm (e.g. Skia-generated FreeText), yielding a wrong
guessed font size.
2026-07-02 14:51:10 +02:00
Jonas Jenwald
d66bd324fa
Merge pull request #21519 from timvandermeij/fix-workflow-version
Fix the version comment in the font tests GitHub Actions workflow
2026-07-02 14:09:50 +02:00
Jonas Jenwald
fa207b4ce8 A couple of SignaturePropertiesManager improvements (PR 21247 follow-up)
- Replace the `loadFromDocument` and `reset` methods with a single `setDocument` method, since that's consistent with many other viewer components.

 - Replace the internal `#loadToken` field with simple `pdfDocument` checks, when checking if the document is still current, which again is consistent with (all) other viewer components.

 - Remove a couple of comments, which didn't add a lot of value and sounded a whole lot like "AI speak".
2026-07-02 14:07:04 +02:00
calixteman
43c29379de
Merge pull request #20505 from calixteman/issue20504
Take into account the current transform when getting font size for FreeText
2026-07-02 12:30:10 +02:00
Yarchik
9710372a1b Fix escapePDFName producing malformed name escapes for control characters
escapePDFName emitted a single hex digit for character codes below 0x10
(TAB became #9, not #09). PDF 32000-1 7.3.5 requires exactly two hex digits
after #. On re-save (annotations, form fields, font names) such a Name is
written malformed and the lexer mis-parses it on reload, dropping bytes.
Pad the hex to two digits; a no-op for codes 0x10 to 0xFF.
2026-07-02 10:48:57 +01:00
calixteman
89836b76f0 Take into account the current transform when getting font size for FreeText
Fixes issue #20504.

And the text position in Arabic FreeText annotations.
2026-07-02 11:04:34 +02:00
Nicolò Ribaudo
ea43bb43fb
Avoid text selection workaround in modern Chromium
Chromium 148+ improved their selection behavior when it comes to absolutely
positioned elements, thus making text selectino in PDF.js much better.

Unfortunately this does not only mean that the workaround we currently have
for Chromium is unnecessary, but it actually become harmful. It conflicts
with Chromium's new behavior, making text selection *worse* on mobile.

As the change has been released in Chrome only a month ago, this patch keeps
the workaround for older Chromium versions. There is no easy way to
feture-detect is, so unfortunately we need to do user agent version detection.
2026-07-01 13:14:34 +02:00
Tim van der Meij
f9aacb1ba1
Fix the version comment in the font tests GitHub Actions workflow
It looks like Dependabot somehow didn't match, and thus update, the
version number correctly in the most recent bump.

Fixes 6b0777d5.
2026-06-30 20:23:53 +02:00
Tim van der Meij
614349086b
Merge pull request #21517 from mozilla/dependabot/github_actions/actions/cache/restore-6.1.0
Bump actions/cache/restore from 5.0.5 to 6.1.0
2026-06-30 20:11:06 +02:00
Tim van der Meij
3a3047efc8
Merge pull request #21515 from mozilla/dependabot/github_actions/actions/cache/save-6.1.0
Bump actions/cache/save from 5.0.5 to 6.1.0
2026-06-30 20:10:57 +02:00
Tim van der Meij
4d3b747a17
Merge pull request #21518 from mozilla/dependabot/github_actions/actions/checkout-7.0.0
Bump actions/checkout from 6.0.3 to 7.0.0
2026-06-30 20:09:55 +02:00
Tim van der Meij
9d4f06129c
Merge pull request #21516 from mozilla/dependabot/github_actions/actions/setup-python-6.3.0
Bump actions/setup-python from 6.2.0 to 6.3.0
2026-06-30 20:08:22 +02:00
calixteman
2578f6bff6
Merge pull request #21247 from beurdouche/master
Digital Signature and Certificate verification
2026-06-30 18:36:10 +02:00
dependabot[bot]
bb9c4af462
Bump actions/checkout from 6.0.3 to 7.0.0
Bumps [actions/checkout](https://github.com/actions/checkout) from 6.0.3 to 7.0.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](df4cb1c069...9c091bb21b)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: 7.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-06-30 12:16:46 +00:00
dependabot[bot]
2ce10c68d5
Bump actions/cache/restore from 5.0.5 to 6.1.0
Bumps [actions/cache/restore](https://github.com/actions/cache) from 5.0.5 to 6.1.0.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](27d5ce7f10...55cc834586)

---
updated-dependencies:
- dependency-name: actions/cache/restore
  dependency-version: 6.1.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-06-30 12:16:27 +00:00
dependabot[bot]
6b0777d55f
Bump actions/setup-python from 6.2.0 to 6.3.0
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 6.2.0 to 6.3.0.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](a309ff8b42...ece7cb06ca)

---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-version: 6.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-06-30 12:16:16 +00:00
dependabot[bot]
642f4d1b7a
Bump actions/cache/save from 5.0.5 to 6.1.0
Bumps [actions/cache/save](https://github.com/actions/cache) from 5.0.5 to 6.1.0.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](27d5ce7f10...55cc834586)

---
updated-dependencies:
- dependency-name: actions/cache/save
  dependency-version: 6.1.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2026-06-30 12:12:46 +00:00
Benjamin Beurdouche
07b1c625e1 Add Digital signature properties verification panel
Adds a new "Digital signature properties" doorhanger to the pdf.js
toolbar that lists every digital signature found in the opened PDF,
verifies each one (via NSS in the Firefox build through a new chrome
bridge), and shows per-signature status + certificate state.

The viewer side parses /Sig dicts in the worker
(`PDFDocument.signatures`), strict-validates the /ByteRange offsets
before slicing, and ships only signature metadata across the worker
boundary. The PKCS#7 blob and signed-data byte spans live in a
worker-side map and are fetched lazily one signature at a time via
a new `getSignatureData(id)` RPC, immediately before verification
runs, so the bytes never sit in main-thread memory for the
document's lifetime.

The panel is feature-gated by `pdfjs.enableSignatureVerification`
(true in MOZCENTRAL/TESTING, off by default in the GENERIC build).
External services expose a `createSignatureVerifier()` factory that
the Firefox build wires up to `nsIX509CertDB.asyncVerifyPKCS7Object`;
GENERIC builds return null and the toolbar button stays hidden.

UI summary:
- Toolbar button states: loading dots while in flight, then green
  check, orange `!`, or red `✕` based on the worst aggregate
  signature status.
- Doorhanger contains a banner summarising the document state, then
  one card per signature with status row + certificate row (sub-
  signatures nested under their outer revision via /ByteRange
  containment).
- Icons are mono SVGs themed via `mask-image` + `background-color`
  so they pick up light/dark/HCM via `--sig-icon-*` vars; flipped
  under RTL via `scaleX(var(--dir-factor))`. The HCM mapping reuses
  the alt-text vocabulary (ButtonFace / ButtonText / ButtonBorder /
  GrayText / AccentColor / LinkText) so this panel reads the same
  as the rest of the editor toolbar in high-contrast mode.
- All visible strings are localized via Fluent
  (`pdfjs-digital-signature-properties-*`); status row, banner, and
  certificate row use explicit lookup tables instead of generated
  ids so a grep finds them.
- Esc + outside-click close the panel through the viewer's existing
  handlers; the manager exposes `isOpen`, `close()`, and
  `shouldCloseOnClick(target)` for that.

This commit also adds a `test/pdfs/sig_corpus/` directory holding a
Python generator that produces a corpus of signed PDFs covering
every visible state of the doorhanger (verified / untrusted /
expired / invalid / unknown / multi-signature variants). The corpus
is intentionally NOT part of the automated test suite — it is a
manual-test tool. Generated `.pdf` files are gitignored; only the
generator, README, and a `user.js.example` snippet are tracked.
The generator shells out to mozilla-central's
`security/manager/tools/pycms.py` (resolved via `--mozilla-central
<path>` or the `MOZILLA_CENTRAL_SRC` env var) and the embedded test
trust anchors (`pdf-sign-ca` / `pdf-sign-ca-expired`), gated by
`security.pdf_signature_verification.enable_test_trust_anchors` so
the test certificates never validate in shipping Firefox.
2026-06-30 13:25:09 +02:00
Nicolò Ribaudo
b9609d0365
Update to Babel 8 2026-06-30 10:45:15 +02:00
calixteman
25eae30e4e
Merge pull request #21513 from calixteman/bug2051221
Remove the BOM from html files (bug 2051221)
2026-06-29 22:21:29 +02:00
calixteman
649fb9c970
Merge pull request #21501 from calixteman/sound
Add support for Sound annotations playing embedded audio
2026-06-29 13:21:08 +02:00
Calixte Denizet
3ccc3ec65c Add support for Sound annotations playing embedded audio
Wrap uncompressed PCM sound streams (Raw/Signed, 8/16-bit, mono/stereo)
in WAV and play them through the shared media overlay.
2026-06-29 12:30:48 +02:00
Calixte Denizet
d142fd2451 Remove the BOM from html files (bug 2051221)
Add add a linter in order to avoid future regressions.
2026-06-29 11:20:34 +02:00
calixteman
1651e57e61
Merge pull request #21507 from calixteman/publish-coverage-index
Add a workflow to publish the per-test coverage index
2026-06-29 11:15:38 +02:00
Calixte Denizet
e4846726ee Add a workflow to publish the per-test coverage index
This index is useful to know what are the tests hitting a specific part of the code.
The next step is to update coverage_search in order to use it instead of having to create
a local one.
2026-06-29 10:07:06 +02:00
Tim van der Meij
f2f3a7fdce
Merge pull request #21510 from timvandermeij/bump
Bump the stable version in `pdfjs.config`
2026-06-27 18:36:56 +02:00
Tim van der Meij
a20c46eca0
Bump the stable version in pdfjs.config 2026-06-27 18:33:07 +02:00