Expand my Community achievements bar.

SOLVED

PDF Forms, JavaScript / FormCalc and Security

Avatar

Former Community Member
5/9/11 7:13:31 AM

Hello!

A client  wants to use PDF forms (around 2000  forms) in their company, most of  them using JavaScript or FormCalc scripts, but today their employees  (thousands) are not  allowed to activate JavaScript in their computers.  Obviously this will  have to be changed.

They say their security people are afraid this could open security breaches...

Please, is there a way this can be solved using LC Digital Signatures?  Or any other solution?

Thank you very much for any ideas!

Marcos

Views

1.1K

Replies

1

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Former Community Member
5/9/11 7:48:28 AM

Marcos

Enabling or  disabling JavaScript is a "global" (it's either on for all documents or  off for all documents) setting at the application (Reader or Acrobat)  level. 

Signing a document with a digital signature will have no  affect on this setting.  If a PDF is "certified", (using a CDS credential issued by an Adobe CDS partner, or with a credential from a Certificate Authority listed on the Adobe Approved Trust List) then a high level of trust is established that the author of the document has not used any malicious JavaScript in the PDF.

You establish a high level of trust with a certified PDF, but it cannot prevent users from accessing PDF documents from other untrusted locations.

More info...

http://www.adobe.com/security/partners_cds.html

http://www.adobe.com/security/digsig/certifieddocs.html

http://www.adobe.com/security/approved-trust-list.html

Regards

Steve

View solution in original post

Views

370

Replies

0

Total Likes

Translate
Translate
Jump to reply
1 Reply

Avatar

Correct answer by
Former Community Member
5/9/11 7:48:28 AM

Marcos

Enabling or  disabling JavaScript is a "global" (it's either on for all documents or  off for all documents) setting at the application (Reader or Acrobat)  level. 

Signing a document with a digital signature will have no  affect on this setting.  If a PDF is "certified", (using a CDS credential issued by an Adobe CDS partner, or with a credential from a Certificate Authority listed on the Adobe Approved Trust List) then a high level of trust is established that the author of the document has not used any malicious JavaScript in the PDF.

You establish a high level of trust with a certified PDF, but it cannot prevent users from accessing PDF documents from other untrusted locations.

More info...

http://www.adobe.com/security/partners_cds.html

http://www.adobe.com/security/digsig/certifieddocs.html

http://www.adobe.com/security/approved-trust-list.html

Regards

Steve

Views

371

Replies

0

Total Likes

Translate
Translate
Jump to reply
Related Conversations
My data source works in Preview PDF mode but not when I generate the form Solved

Views

2.1K

Likes

0

Replies

2
Re; Reset a form based on users checkbox selection Solved

Views

1.2K

Likes

0

Replies

3
Unable to convert the HTML to PDF using PDF generator in Adobe workbench Solved

Views

1.4K

Likes

0

Replies

6
Two watermark applying in PDF Solved

Views

871

Likes

0

Replies

3
Is Adobe live cycle ES2 9.0.5 version compatible with SQL server 2017 and above ? Solved

Views

696

Likes

0

Replies

2
The following has evaluated to null or missing: ==> liqladmin("SELECT id, value FROM metrics WHERE id = 'net_accepted_solutions' and user.id = '${acceptedAnswer.author.id}'").data.items [in template "analytics-container" at line 83, column 41] ---- Tip: It's the step after the last dot that caused this error, not those before it. ---- Tip: If the failing expression is known to be legally refer to something that's sometimes null or missing, either specify a default value like myOptionalVar!myDefault, or use <#if myOptionalVar??>when-present<#else>when-missing. (These only cover the last step of the expression; to cover the whole expression, use parenthesis: (myOptionalVar.foo)!myDefault, (myOptionalVar.foo)?? ---- ---- FTL stack trace ("~" means nesting-related): - Failed at: #assign answerAuthorNetSolutions = li... [in template "analytics-container" at line 83, column 5] ----