The Chrome extension enforces that local files cannot be embedded in
non-local web pages. The previous check was too strict (because the
origin of a file:-URL is "null"), and prevented local PDF from being
viewed in local files).
This patch fixes that problem, by querying the actual tab URL via the
background page.
Steps to verify:
1. Create a HTML file: `<iframe src=test.pdf width=100% height=100%>`
2. Build and load the extension.
3. Allow file access to the extension at `chrome://extensions`
4. Open the HTML file from a file:// URL.
5. VERIFY: The extension should attempt to load the PDF file.
6. Now open the following (replace ID with the extension ID, which you
can find at `chrome://extensions`):
`data:text/html,<iframe src="chrome-extension://ID/file:///test.pdf">`
7. VERIFY: The next error should be displayed:
"Refused to load a local file in a non-local page for security reasons."
One of the patches in https://bugzilla.mozilla.org/show_bug.cgi?id=1202902, specifically [`Mass replace toplevel 'let' with 'var' in preparation for global lexical scope. (rs=jorendorff)`](https://hg.mozilla.org/mozilla-central/rev/380817d573cd), touches PDF.js code. Unfortunately it was landed upstream without, as far as I can tell, notifying us about it.
This patch uplifts the relevant changes to avoid future merge conflicts, and for consistency also tweaks `PdfJs-stub.jsm`.
As explained in
https://github.com/mozilla/pdf.js/issues/6174#issuecomment-118502802.
To verify that this patch works:
1. Build the Chrome extension (node make chromium)
2. Load the Chrome extension (at chrome://extensions)
3. Visit https://robwu.nl/pdfjs/issue6174/.
4. Verify that PDF.js is not used to load the PDF. Either Chrome's
default PDF Viewer is used, or the PDF is offered as a file download.
Fixes https://bugzilla.mozilla.org/show_bug.cgi?id=1170063.
The bug only mentions the <kbd>Meta</kbd> key, but given that a similar situation can occur for <kbd>Ctrl</kbd>, it seemed reasonable to also handle that case in the same patch.
The only possible caveat with the patch is that because of the use of `shadow`, things won't work perfectly if either of the prefs are changed *while* the viewer is active. In this case a reload is required in order for it to work correctly, but given that the issue this patch fixes should be quite rare anyway, that seems OK.
For some reason, https://bugzilla.mozilla.org/show_bug.cgi?id=1167053 changed methods of `NetUtil` yet *again*. This patch thus attempts to handle those changes, while keeping the addon backwards compatible.
I've tested this using all current Firefox versions (Nightly, Aurora/DevEdition, Beta, Release, ESR), and things still appears to work correctly.
This patch removes the only remaining CPOW usage from the code-base, and should thus fix https://bugzilla.mozilla.org/show_bug.cgi?id=1071082.
*Note:* This will not fix the "Open With Different Viewer" button in e10s, since clicking it still fails with `frontWindow is null` in the console, but I do believe that that issue is somewhat orthogonal to the current patch.
This checks for both prefs on the understanding that we need to work on older versions of Firefox. If that isn't the case, the first part of the if isn't necessary. This should only land if bug 639134 is resolved - I'd make the patch part of that bug, but AIUI pdfjs's canonical repo is on github, so...
As of Firefox 35, isContentWindowPrivate should be used for DOM windows instead of isWindowPrivate.
See https://bugzilla.mozilla.org/show_bug.cgi?id=1069059 and
http://hg.mozilla.org/mozilla-central/diff/324798b60ba3/toolkit/modules/PrivateBrowsingUtils.jsm
Without this fix, you will get the following error message when Firefox+PDF.js is started:
>
WARNING: content window passed to PrivateBrowsingUtils.isWindowPrivate. Use isContentWindowPrivate instead (but only for frame scripts).
pbu_isWindowPrivate@resource://gre/modules/PrivateBrowsingUtils.jsm:25:14
ChromeActions.prototype.isInPrivateBrowsing@resource://pdf.js/PdfStreamConverter.jsm:237:12
xhr_onreadystatechange@resource://pdf.js/PdfStreamConverter.jsm:545:30
NetworkManager_requestRange@resource://pdf.js/network.js:95:7
NetworkManager_requestRange@resource://pdf.js/network.js:81:14
RangedChromeActions_requestDataRange@resource://pdf.js/PdfStreamConverter.jsm:596:1
RequestListener.prototype.receive@resource://pdf.js/PdfStreamConverter.jsm:705:5
PdfStreamConverter.prototype.onStartRequest/proxy.onStopRequest/<@resource://pdf.js/PdfStreamConverter.jsm:909:11
FirefoxComClosure/<.request@resource://pdf.js/web/viewer.js:529:14
PdfDataRangeTransport_requestDataRange@resource://pdf.js/web/viewer.js:2977:9
transportDataRange@resource://pdf.js/build/pdf.js:2122:13
messageHandlerComObjOnMessage@resource://pdf.js/build/pdf.js:1219:9
Remove pageAction logic from extension router, and put it in a
separate file. The pageAction URL parsing logic has been simplified,
and all pageAction-related files have been moved to a separate directory.
document.documentElement.style is null in some XML documents.
The previous snippet caused the following error:
Uncaught TypeError: Cannot use 'in' operator to search for 'animation' in null
To fix this bug, `'animation' in document.documentElement.style` has been
replaced with `CSS.supports('animation', '9s')`. This method was introduced
in Chromium 28, but it is not necessary to detect whether this method is
supported because the required createShadowRoot method for embeds is not
available in Chromium 32 and earlier.
If a user downgrades from Chromium 35+ to 34, then the PDF Viewer
extension will not work any more because the extension assumes
that certain features were available based on the cached feature
detection results.
To resolve this problem, all feature detection scripts run again
if the browser was downgraded.
