• Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
    Dedicated community for Japanese speakers
  • 한국 커뮤니티
    Dedicated community for Korean speakers
Exit
0

Plug in SDK Windows - Reading and writing config information under appdata\local

New Here ,
Oct 05, 2022 Oct 05, 2022

Copy link to clipboard

Copied

I use a json file for configuration information. During initial development, I stored it in the plug in folder. I can read it from there without any trouble. I recently tried moving it to the LOCALAPPDATA folder under a folder I created for the plug in. The ocde tests for existince of the file, which works fine and opens it for reading in a stream. But it reads no data. Other that the file path, the code has not changed at all. The existence check uses GetFileAttributes, which does returen the correct file attributes and ensures I have the path right.

I know Acrobat uses the integrity functionality to run the instance of Acrobat with my plug in using the AppContainer model, restricting some user privileges. But reading (and I hope writing) seems like it should be allowed in the user data area.

TOPICS
Acrobat SDK and JavaScript , Windows

Views

468

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines

correct answers 1 Correct answer

LEGEND , Oct 05, 2022 Oct 05, 2022

I would assume not. Other projects, even some parts of Acrobat, don't work properly because they can't read or write control files. BUT... if your problem is simple you might be able to use a configuration file to allow selected access (as described in the first link I posted) rather than the much more complex world of a broker. I should have mentioned that before.

Votes

Translate

Translate
LEGEND ,
Oct 05, 2022 Oct 05, 2022

Copy link to clipboard

Copied

No, reading and writing %APPDATA% is very definitely blocked when Protected Mode is off, except for Acrobat's own area. %APPDATA% can contain all sorts of private info, and it is to protect this that Protected Mode exists. You may need to write a plug-in broker to manage your I/O.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
New Here ,
Oct 05, 2022 Oct 05, 2022

Copy link to clipboard

Copied

Thanks for the quick response and info. Can you tell me a litle more about what a plug in broker is? I had been considering writing a service to help, which may be what you mean. We are also wrestling with a related (privilege problem) issue for licensing.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
LEGEND ,
Oct 05, 2022 Oct 05, 2022

Copy link to clipboard

Copied

It's important to have an insight into what protected mode is designed for. PDF files are shared and downloaded freely, so they are an attractive vector for attacks. These are attacks using undiscovered future bugs. The idea of the sandbox is to provide a double protection: if a future bug is found, and hackers use it to "break in" to Acrobat to run code, then the code can do almost nothing - it can't read files (to steal data), write files (to do more hacking or destruction), read or write registry, set up network connections etc. etc.

 

A plug-in broker is a special EXE installed alongside your plug-in. Adobe provide a distributed API for you to call routines in your EXE from the plug-in. These routines run with normal privileges - but are not part of Acrobat and cannot access the open file or use the SDK functions. But you should be able to encapsulate "read my preferences" - but it is important not to just write a broker function that "reads any file" because that opens up the sandbox. The EXE should decide what to read, not take a filename.

 

General info https://www.adobe.com/devnet-docs/acrobatetk/tools/AppSec/sandboxprotections.html

Specifics https://opensource.adobe.com/dc-acrobat-sdk-docs/acrobatsdk/pdfs/acrobatsdk_overview.pdf chapter 2.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
New Here ,
Oct 05, 2022 Oct 05, 2022

Copy link to clipboard

Copied

Thanks again for the quick yet thorough answer. I am looking at the SDK and I notice that besides the SDK library there is also a simple ipc project that is providing access to named pipes. Does The AppContainer model allow that? Our needs are very simple. Returning json file contents as string would allow me to set up a memory stream instead of the file stream, and a pass/fail on the license. If named pipes are allowe, I think I will go that way instead of the full API route. I would implement it  so that only that specific commands result in strings being returned; not having the plugin provide faile names or anything. If anything resulted in a write, it would be a command like setting the last role chosen (in my plugin that's preparer, reviewer or supporting reviewer) so that the next time it's run it would default to the role they last used.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
LEGEND ,
Oct 05, 2022 Oct 05, 2022

Copy link to clipboard

Copied

I would assume not. Other projects, even some parts of Acrobat, don't work properly because they can't read or write control files. BUT... if your problem is simple you might be able to use a configuration file to allow selected access (as described in the first link I posted) rather than the much more complex world of a broker. I should have mentioned that before.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
New Here ,
Oct 14, 2022 Oct 14, 2022

Copy link to clipboard

Copied

LATEST

Some other answers were also correct, but this ended up being the simplest way to resolve my issues.

Thanks again.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines