Disable javascript inside embedded PDF displayed with Chrome PDF viewer

Question

PDF that contains javascript runs this code when embedded in html and displayed in Chrome. This is better described in this closed issue https://bugs.chromium.org/p/chromium/issues/detail?id=511295

Is there any way how to disable the javascript support alltogether? Sadly i wan't even able to find what exactly is supported in chrome pdf viewer, only that this shouldn't lead to XSS. Still, randomly popping alerts are annoying even without immediate security threat.

Answer 1

This is still the same issue in 2025, effectively a "Will not fix" that chromium team have set as final status. Thus does not do same as Adobe, as PDFium considered it is opposed to PDF requirements!

Status: Won't Fix (Obsolete) Regarding your claim, "the pdf file no need to run javascript on the browser", I'm not sure what the source of your information might be. The PDF spec, on the other hand, at http://partners.adobe.com/public/developer/en/acrobat/sdk/5186AcroJS.pdf lays out the set of JS objects from which pdfium supports a subset. These are used as part of form fillout on web sites in the wild.

In Acrobat Reader web plugin, when the JS engine is called Acrobat should throw up a banner up saying this PDF runs scripting do wish to allow it? Or if misconfigured an option to not run scripting.

However even in MS Edge "Powered by Acrobat" the Chromium/PDFium based Browser will run JavaScript's, even before the full file is shown as downloaded!

And AFAIK no options to disable it.