Snuffleupagus
commented
2 years ago This was implemented in PR #11087, and was done for security reasons.[1]
See https://bugzilla.mozilla.org/show_bug.cgi?id=1568071 which unfortunately isn't public.
Open cadeyrn opened 2 years ago
Snuffleupagus
commented
2 years ago This was implemented in PR #11087, and was done for security reasons.[1]
See https://bugzilla.mozilla.org/show_bug.cgi?id=1568071 which unfortunately isn't public.
cadeyrn
commented
2 years ago Since the Bugzilla ticket is not public, could you please summarize why it's important for security to disable links for password protected files? And do other browsers (like Chrome) and PDF viewers (like Acrobat) have the same issue and they don't care or are they protected in some way against that type of security problem?
Snuffleupagus
commented
2 years ago Since the Bugzilla ticket is not public, could you please summarize why it's important for security to disable links for password protected files?
Given that the bug hasn't been made public, I don't know if it'd be appropriate/correct for me to comment on its details; hopefully that's an understandable position! And for what it's worth, I don't believe that one or two sentences could accurately capture the contents of that bug.
And do other browsers (like Chrome) and PDF viewers (like Acrobat) have the same issue and they don't care or are they protected in some way against that type of security problem?
My only experience with those PDF Viewers is as a user, so it's impossible for me to say. However, based on the information in the bug they may be affected by those security problems (unless it's been somehow addressed in the years since).
Attach (recommended) or Link to PDF file here:
https://download.novapdf.com/download/samples/pdf-example-password.pdf Password:
testConfiguration:
Steps to reproduce the problem:
What is the expected behavior?
You can open the links.
What went wrong?
After step 2 nothing happens if you click on a link. The tooltip contains a "Disabled: " before the URL. After step 5 you can open the links.
The behaviour after step 2 seems wrong to me because a) I don't see why a password protection should restrict the ability to open links and b) Google Chrome and Adobe Acrobat do not restrict the opening of links for password protected PDF files.