Skip navigation
newtypefx
newtypefx Calculating status...
Currently Being Moderated

Acrobat Protected View problems with certain SDK calls

May 15, 2012 4:38 PM

I'm trying to write a plugin for Acrobat 10.1.3. I tried to call AVAppGetNumDocs in one of the functions, and tested this function with a pdf open in Acrobat. When protected view is off, this function behaves correctly and returns 1. However, when protected view is on this function will return 0.

 

I noticed a similar problem with AVAppGetActiveDoc too. To be safe, this function is only called from within a menu item. When protected view is on, NULL is returned by the API call.

 

I've tried to upgrade to the latest Acrobat X SDK and change the ACRO_SDK_LEVEL to 0x000A0000, but this still seems to fail. I was wondering if this is expected behavior for these function calls under protected view.

771 Views   6 Replies   Latest reply: newtypefx, May 17, 2012 4:46 PM
 
Replies
  • lrosenth
    Currently Being Moderated
    1. lrosenth,
    May 15, 2012 5:33 PM   in reply to newtypefx
    Report

    That is because plugins aren't allowed to operate on documents in Protected View.

     
    |
    Mark as:
  • newtypefx
    Currently Being Moderated
    2. newtypefx,
    May 16, 2012 10:14 AM   in reply to lrosenth
    Report

    Sorry, forgot to mention that I was trying to use a whitelist with the plugin. There's a regkey in HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Adobe\Adobe Acrobat\10.0\FeatureLockDown\bUseWhitelistConfigFile and a ProtectedModeWhitelistConfig.txt sitting in D:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\.

     

    This whitelist and plugin works correctly with reader's protected mode. If a document is open, AVAppGetNumDocs will return 1.

     
    |
    Mark as:
  • lrosenth
    Currently Being Moderated
    3. lrosenth,
    May 16, 2012 10:18 AM   in reply to newtypefx
    Report

    Reader Protected Mode is NOT the same as Acrobat Protected View.

     
    |
    Mark as:
  • newtypefx
    Currently Being Moderated
    4. newtypefx,
    May 16, 2012 5:27 PM   in reply to lrosenth
    Report

    Yes, I've seen that in some of the documents that have been posted and know that they're different, but the whitelist was meant to address this problem and help support 3rd party addins right? As an example, I tried to use a whitelist that would basically allow anything to try to test the plugin and the API function calls.

     

    FILES_ALLOW_ANY = *

    FILES_ALLOW_DIR_ANY = *

    REG_ALLOW_ANY = HKEY_CURRENT_USER\*

    REG_ALLOW_ANY = HKEY_CLASSES_ROOT\*

    PROCESS_ALL_EXEC = *

    NAMEDPIPES_ALLOW_ANY = *

    EVENTS_ALLOW_ANY = *

    MUTANT_ALLOW_ANY = *

     

    Even with this, AVAppGetNumDocs would return 0. Is it the case that even with a whitelist set up, a plugin won't be able to operate on the document at all? For a plugin to gain any privileges to the current document, a user must click the Enable all features button first?

     
    |
    Mark as:
  • lrosenth
    Currently Being Moderated
    5. lrosenth,
    May 17, 2012 3:31 PM   in reply to newtypefx
    Report

    NO – the white list is strictly for Protected MODE in Reader.  It has ZERO IMPACT on Protected VIEW in Acrobat.   There is no way to access files from Protected View – this is BY DESIGN.

     
    |
    Mark as:
  • newtypefx
    Currently Being Moderated
    6. newtypefx,
    May 17, 2012 4:46 PM   in reply to lrosenth
    Report

    Thanks, I'll basically wait around until the user clicks the Enable All button then. However, I'd like to point out that a recent acrobat application security document from 4/17/12 section 4.2.5 (page 44) has a section showing how to use a whitelist for protected view in acrobat. Is this whitelist ignored by acrobat? That's what seems to be the case.

     
    |
    Mark as:
Actions

More Like This

  • Retrieving data ...

Bookmarked By (0)

Answers + Points = Status

  • 10 points awarded for Correct Answers
  • 5 points awarded for Helpful Answers
  • 10,000+ points
  • 1,001-10,000 points
  • 501-1,000 points
  • 5-500 points