Adds a new "Digital signature properties" doorhanger to the pdf.js toolbar that lists every digital signature found in the opened PDF, verifies each one (via NSS in the Firefox build through a new chrome bridge), and shows per-signature status + certificate state. The viewer side parses /Sig dicts in the worker (`PDFDocument.signatures`), strict-validates the /ByteRange offsets before slicing, and ships only signature metadata across the worker boundary. The PKCS#7 blob and signed-data byte spans live in a worker-side map and are fetched lazily one signature at a time via a new `getSignatureData(id)` RPC, immediately before verification runs, so the bytes never sit in main-thread memory for the document's lifetime. The panel is feature-gated by `pdfjs.enableSignatureVerification` (true in MOZCENTRAL/TESTING, off by default in the GENERIC build). External services expose a `createSignatureVerifier()` factory that the Firefox build wires up to `nsIX509CertDB.asyncVerifyPKCS7Object`; GENERIC builds return null and the toolbar button stays hidden. UI summary: - Toolbar button states: loading dots while in flight, then green check, orange `!`, or red `✕` based on the worst aggregate signature status. - Doorhanger contains a banner summarising the document state, then one card per signature with status row + certificate row (sub- signatures nested under their outer revision via /ByteRange containment). - Icons are mono SVGs themed via `mask-image` + `background-color` so they pick up light/dark/HCM via `--sig-icon-*` vars; flipped under RTL via `scaleX(var(--dir-factor))`. The HCM mapping reuses the alt-text vocabulary (ButtonFace / ButtonText / ButtonBorder / GrayText / AccentColor / LinkText) so this panel reads the same as the rest of the editor toolbar in high-contrast mode. - All visible strings are localized via Fluent (`pdfjs-digital-signature-properties-*`); status row, banner, and certificate row use explicit lookup tables instead of generated ids so a grep finds them. - Esc + outside-click close the panel through the viewer's existing handlers; the manager exposes `isOpen`, `close()`, and `shouldCloseOnClick(target)` for that. This commit also adds a `test/pdfs/sig_corpus/` directory holding a Python generator that produces a corpus of signed PDFs covering every visible state of the doorhanger (verified / untrusted / expired / invalid / unknown / multi-signature variants). The corpus is intentionally NOT part of the automated test suite — it is a manual-test tool. Generated `.pdf` files are gitignored; only the generator, README, and a `user.js.example` snippet are tracked. The generator shells out to mozilla-central's `security/manager/tools/pycms.py` (resolved via `--mozilla-central <path>` or the `MOZILLA_CENTRAL_SRC` env var) and the embedded test trust anchors (`pdf-sign-ca` / `pdf-sign-ca-expired`), gated by `security.pdf_signature_verification.enable_test_trust_anchors` so the test certificates never validate in shipping Firefox.
PDF.js

PDF.js is a Portable Document Format (PDF) viewer that is built with HTML5.
PDF.js is community-driven and supported by Mozilla. Our goal is to create a general-purpose, web standards-based platform for parsing and rendering PDFs.
Contributing
PDF.js is an open source project and always looking for more contributors. To get involved, visit:
- Issue Reporting Guide
- Code Contribution Guide
- Frequently Asked Questions
- Good Beginner Bugs
- Projects
Feel free to stop by our Matrix room for questions or guidance.
Getting Started
Online demo
Please note that the "Modern browsers" version assumes native support for the latest JavaScript features; please also see this wiki page.
-
Modern browsers: https://mozilla.github.io/pdf.js/web/viewer.html
-
Older browsers: https://mozilla.github.io/pdf.js/legacy/web/viewer.html
Browser Extensions
Firefox
PDF.js is built into version 19+ of Firefox.
Chrome
- The official extension for Chrome can be installed from the Chrome Web Store. This extension is maintained by @Rob--W.
- Build Your Own - Get the code as explained below and issue
npx gulp chromium. Then open Chrome, go toTools > Extensionand load the (unpackaged) extension from the directorybuild/chromium.
PDF debugger
Browse the internal structure of a PDF document with https://mozilla.github.io/pdf.js/internal-viewer/web/debugger.html
Getting the Code
To get a local copy of the current code, clone it using git:
$ git clone https://github.com/mozilla/pdf.js.git
$ cd pdf.js
Next, install Node.js via the official package or via nvm. If everything worked out, install all dependencies for PDF.js:
$ npm install
Finally, you need to start a local web server as some browsers do not allow opening
PDF files using a file:// URL. Run:
$ npx gulp server
and then you can open:
Please keep in mind that this assumes the latest version of Mozilla Firefox; refer to Building PDF.js for non-development usage of the PDF.js library.
It is also possible to view all test PDF files on the right side by opening:
Building PDF.js
In order to bundle all src/ files into two production scripts and build the generic
viewer, run:
$ npx gulp generic
If you need to support older browsers, run:
$ npx gulp generic-legacy
This will generate pdf.js and pdf.worker.js in the build/generic/build/ directory (respectively build/generic-legacy/build/).
Both scripts are needed but only pdf.js needs to be included since pdf.worker.js will
be loaded by pdf.js. The PDF.js files are large and should be minified for production.
Code coverage
We track how much of the code is exercised by the test suite on Codecov (see the badge at the top of this file).
How it is collected
When coverage is enabled, the build instruments the bundled code with
babel-plugin-istanbul,
which adds counters that record every line, branch and function that runs:
- For browser-based tests (unit, integration and reference tests) the
instrumented code runs in the browser, fills a global
window.__coverage__object, and the test runner collects it from each browser session, merges the results, and writes the report. - For the Node-based unit tests (
unittestcli) the raw data is written tobuild/tmp/unittestcli-coverage.jsonand turned into a report afterwards.
Collecting coverage locally
Add the --coverage flag to any of the test tasks, for example:
$ npx gulp unittest --coverage # browser unit tests
$ npx gulp unittestcli --coverage # Node unit tests
$ npx gulp integrationtest --coverage # Puppeteer integration tests
$ npx gulp botbrowsertest --coverage # reference tests
The following options control the output:
| Option | Description | Default |
|---|---|---|
--coverage |
Enable coverage collection. | off |
--coverage-output <dir> |
Directory where the report is written. | build/coverage |
--coverage-formats <list> |
Comma-separated list of formats: info, html, json, text, cobertura, clover. |
info |
--coverage-per-test |
Also build a per-test index (see below). | off |
By default the report is written to build/coverage in the info format, i.e.
an LCOV lcov.info file (the same
format that is uploaded to Codecov). Use --coverage-formats html to get a
browsable HTML report instead, or pass several formats at once, e.g.
--coverage-formats info,html.
Finding which tests cover a given line
Run a browser test task with --coverage-per-test to build an index
(per-test-index.json) in the coverage directory, then query it to list the
tests that exercised a specific source line or function:
$ npx gulp botbrowsertest --coverage-per-test
$ npx gulp coverage_search --code="canvas.js::205"
$ npx gulp coverage_search --code="canvas.js::drawImageAtIntegerCoords"
Continuous integration
On every push and pull request three GitHub Actions workflows collect coverage and upload it to Codecov, each tagged with its own Codecov flag so the test types can be told apart:
| Workflow | Task | Codecov flag |
|---|---|---|
unit_tests.yml |
unittest |
unittest |
integration_tests.yml |
integrationtest |
integrationtest |
coverage_browser_tests.yml |
botbrowsertest |
browsertest |
Using PDF.js in a web application
To use PDF.js in a web application you can choose to use a pre-built version of the library
or to build it from source. We supply pre-built versions for usage with NPM under
the pdfjs-dist name. For more information and examples please refer to the
wiki page on this subject.
Including via a CDN
PDF.js is hosted on several free CDNs:
- https://www.jsdelivr.com/package/npm/pdfjs-dist
- https://cdnjs.com/libraries/pdf.js
- https://unpkg.com/pdfjs-dist/
Learning
You can play with the PDF.js API directly from your browser using the live demos below:
More examples can be found in the examples folder. Some of them are using the pdfjs-dist package, which can be built and installed in this repo directory via npx gulp dist-install command.
For an introduction to the PDF.js code, check out the presentation by our contributor Julian Viereck:
More learning resources can be found at:
The API documentation can be found at:
Questions
Check out our FAQs and get answers to common questions:
Talk to us on Matrix:
File an issue: