Y
Hacker News
new
|
ask
|
show
|
jobs
by
axelf4
2101 days ago
> It's bloat which increases the browser's attack surface.
AFAICT PDF.js is just another JavaScript application and thus as sandboxed as any other website.
1 comments
est31
2101 days ago
It's a js application and thus less exploitable than your average C application with tons of unsound code, but IIRC it belongs to the class of "privileged js" layer that Firefox has, so has special rights that usual website js doesn't have.
link