cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Form Problems - Security issues when signing

Avatar
Fabiana GO Buysoft
Feb 26, 2020

Copy link to clipboard

Copied

I developed a PDF form using Javascript for field validation and digital signature after filling. We found a security problem after signing.

 

My form: Ficha Cadastral 26.02.2020 Filled Form.pdf

 

I coded an onSign_pf script: by signing the document, all filled fields are visible and all fields become read-only.

 

Problems: some important fields, remain clickable after signing, using Acrobat Pro or Reader, Windows (10 or 7).

These fields have scripts that reset some fields and/or show/hide some other fields.

When they remain clickable after the subscription, the information filled in by the customer will be lost.

 

On Mac everything works correctly (with Adobe Reader or Professional): after signing all fields are correctly read-only -  cannot be edited or checked.

 

My idea for solve this: create a button (you will see the new gray button called pf.validarinformacoes) that will serve for the person to review the information before signing (What I called “review” is make the fields read-only and make the fillable fields visible – function onSign_pf)

 

After validating the information, the signature field button will be visible and “on sign” tab I setup “Mark as read only: all fields”. (To ensure that all fields would be read-only, in case the problem was with the on_sign_pf  script).

But: the problems persists.

 

Please, let me show you, through the video, what is happening, step by step: https://youtu.be/gjBrPHQRtr4 (no song, please activate captions)

 

Environment problem:

  • The fields remain clickable after signature / instruction for all fields to become read-only.
  • Adobe Acrobat Pro / Reader
  • Windows ( 7 or 10, 64 or 32 bits)
  • Happens with token or self signed signatures

Please! Help me! ☺

Fabiana GO
- YouTube
youtu.be/gjBrPHQRtr4
Enjoy the videos and music you love, upload original content, and share it all with friends, family, and the world on YouTube.
TOPICS
Acrobat SDK and JavaScript, PDF forms, Security digital signatures and esignatures

Views

105

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more

Form Problems - Security issues when signing

Avatar
Fabiana GO Buysoft
Feb 26, 2020

Copy link to clipboard

Copied

I developed a PDF form using Javascript for field validation and digital signature after filling. We found a security problem after signing.

 

My form: Ficha Cadastral 26.02.2020 Filled Form.pdf

 

I coded an onSign_pf script: by signing the document, all filled fields are visible and all fields become read-only.

 

Problems: some important fields, remain clickable after signing, using Acrobat Pro or Reader, Windows (10 or 7).

These fields have scripts that reset some fields and/or show/hide some other fields.

When they remain clickable after the subscription, the information filled in by the customer will be lost.

 

On Mac everything works correctly (with Adobe Reader or Professional): after signing all fields are correctly read-only -  cannot be edited or checked.

 

My idea for solve this: create a button (you will see the new gray button called pf.validarinformacoes) that will serve for the person to review the information before signing (What I called “review” is make the fields read-only and make the fillable fields visible – function onSign_pf)

 

After validating the information, the signature field button will be visible and “on sign” tab I setup “Mark as read only: all fields”. (To ensure that all fields would be read-only, in case the problem was with the on_sign_pf  script).

But: the problems persists.

 

Please, let me show you, through the video, what is happening, step by step: https://youtu.be/gjBrPHQRtr4 (no song, please activate captions)

 

Environment problem:

  • The fields remain clickable after signature / instruction for all fields to become read-only.
  • Adobe Acrobat Pro / Reader
  • Windows ( 7 or 10, 64 or 32 bits)
  • Happens with token or self signed signatures

Please! Help me! ☺

Fabiana GO
- YouTube
youtu.be/gjBrPHQRtr4
Enjoy the videos and music you love, upload original content, and share it all with friends, family, and the world on YouTube.
TOPICS
Acrobat SDK and JavaScript, PDF forms, Security digital signatures and esignatures

Views

106

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Feb 26, 2020 0
2 Replies 2
Jump to latest reply
Avatar
Bernd Alheit
Feb 27, 2020

Copy link to clipboard

Copied

In the onSign_pf script you ignore some fileds:
var fieldsToIgnore = ["pf.possuiecpflabel","pf.possuiecpfsimlabel","pf.possuiecpfnaolabel","pf_ecpf_sim","pf_ecpf_nao","pf_assinatura","pf_assinatura_digital" ,"pf_assinatura_label"];

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Feb 27, 2020 0
Avatar
Fabiana GO Buysoft LATEST
Feb 27, 2020

Copy link to clipboard

Copied

Hi @Bernd_Alheit thank you for your help! The ignored fields in onSign_pf are the signature fields (digital or bio).

 

I thought it would solve my problem with read-only fields by dividing the form into two steps:

 

Step 1: click on the gray button and prepare the fields for signature (filled in visible and all read only)

Step 2: shows the signature field (ignored in the previous phase) sign and send.

all-fields-read-only.gif

 

 

My initial idea was to have only one step: the script from Step 1 (onSign_pf) should solve everything, in the first version I would activate the script in the "Signed" tab of the signature field and my expectation is that I could make all fields read only after the signature.

 

Well, as it wasn't working, I divided it into two steps: Check fields and Sign.

Fabiana GO

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Feb 27, 2020 0

Related conversations

Using the Community Experience League Terms of Use Privacy Policy Cookie preferences AdChoices Language:
  • Deutsch
  • English
  • Español
  • Français
  • 日本語コミュニティ
  • Português
Copyright © 2020 Adobe. All rights reserved.