New issue
Advanced search Search tips

Issue 694151 link

Starred by 2 users
Status: Duplicate
Merged: issue 680202
Owner:
pastarmovj@chromium.org
Closed: Feb 2017
Cc:
asanka@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: Windows
Pri: 2
Type: Bug



Sign in to add a comment

No way to prevent PDF from opening

Reported by shawnkh...@gmail.com, Feb 20 2017 
UserAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36

Steps to reproduce the problem:
1. Enable "Open PDF files in the default PDF viewer application" to prevent Chrome from opening PDF files directly
2. Right-click any link to a PDF and select 'save link as'

What is the expected behavior?
The file should download but NOT open. 

What went wrong?
The file opens in the system default PDF viewer.

Did this work before? Yes 54

Chrome version: 56.0.2924.87  Channel: stable
OS Version: 10.0
Flash Version: 

PDF files are perhaps the most risky file format. As such, there's absolutely no good reason to force them to either open it PDF files in Chrome (which has had its own major PDF security issues - see 53.0.2785.89 for examples), *or* force them to open it in third-party PDF viewers that each have had their own security issues.

Users need to be able to safely download PDF files and later decide whether they want to scan them for security issues or open the files on their own.

Comment 1 by raymes@chromium.org, Feb 20 2017

Components: UI>Browser>Downloads Internals>Plugins>PDF
Labels: -Type-Bug-Security -Restrict-View-SecurityTeam Type-Bug
Owner: pastarmovj@chromium.org
Status: Assigned (was: Unconfirmed)
I can't reproduce this with an out of the box Chrome. Only if I right-click on a PDF download and select "Always open with the system viewer" will it automatically open the file. I have to admit that what exactly those 2 options do is not very clear.

pastarmovj: it looks like you might have touched something related recently. Could you comment on the above? I think we may want to make those 2 options (the one in Content Settings and the one in the downloads context menu) clearer. Thanks!

Comment 2 by pastarmovj@chromium.org, Feb 21 2017

Cc: asanka@chromium.org
Mergedinto: 680202
Status: Duplicate (was: Assigned)
Yes this has been recently fixed https://codereview.chromium.org/2683543002/ see the discussion in https://bugs.chromium.org/p/chromium/issues/detail?id=680202 which basically confirms the observations made in the bug report.

We wanted to make the logic so that when you check the box to sue the external viewer the ease of reading pdf to be the same as when you are using the internal viewer. However we figured out this robs the user of the choice to open the file or not (in some cases even too aggressively) so until we can come up with better logic when to auto-open we reverted to letting the user decide (by using the download bar menu).

Sign in to add a comment