Provide a fallback for font rendering when not allowed to use eval

[skalnik]

This provides a fallback for font rendering if PDF.js is used in a place where it is not allowed to use eval, such as an environment with a CSP header with unsafe-eval.

It does so by changing the code emitted from the font_renderer to be more generic commands, and then when they're run in the font_loader, they're compiled into JS and used to construct a function like before. However if we catch an EvalError, we instead use Function.prototype.apply to run the commands.

Fixes #4660

[yurydelendik]

Thanks for working on the issue. Could you address jshint issues and squash commits? Make sure you are friendly to the https://github.com/mozilla/pdf.js/wiki/Style-Guide.

Few points:

• feature test ability to eval once and perform the transform for compiler or interpreter later
• generate few less arrays to reduce amount of created object, e.g. use single array and add some smarts on the compiler/interpreter to scan it

[skalnik]

@yurydelendik Thanks for the kind words! Its my pleasure to work on this 😁

I cleaned up much of the excess array creation, ensured I passed the linter, and applied the style guide rules where I saw I violated them. I'd love another review on this when you get a chance 👀

I'm unsure how to test this feature. I'm not the most familiar with this code base and I'm having trouble finding any tests around this. I also am not sure if there is a nice way to force the Function constructor to throw an EvalError instead of executing. If you had any pointers here they would be greatly appreciated 🙇

After this is resolved, I'm happy to squash my commits to prepare this for merging ✨

[timvandermeij]

@skalnik It is easier for us to review your code if you squash the commits into one commit. Could you please do that? Thanks!

[skalnik]

@timvandermeij D'oh, I always just look at the PR diff on GitHub, so I didn't even think about that. I've gone ahead and squashed the commits 👍

[yurydelendik]

Use lazy initialized property (e.g. isEvalSupported) at FontLoader that will use shadow() where you will testnew Function capabilities and branch based on that, e.g. var result; try { new Function(''); result = true; } catch (e) { result = false }; return shadow(....

See example at https://github.com/skalnik/pdf.js/blob/fix-font-csp-issues/src/display/font_loader.js#L54

[yurydelendik]

Reword commit comment "[PATCH] Add fallback for font loading when eval disabled
🔮" to "Add fallback for font loading when eval disabled"

[yurydelendik]

I'm unsure how to test this feature. I'm not the most familiar with this code base and I'm having trouble finding any tests around this.

If you introduce FontLoader.isEvalSupported property, you will be able to fake different compile methods by returning true or false. The internal font rendering is working when PDFJS.disableFontFace is set to true.

[yurydelendik]

Could you add isEvalSupported to the FontLoader?

  get isEvalSupported() {
    var result = false;
    try {
       new Function(''); // trying to compile a simple function
       result = true;
    } catch (e) {
      // eval is not supported
    }
   return shadow(this, 'isEvalSupported', result);
  },

And use it to branch the logic in the FontLoader.getPathGenerator. PDFJS.isEvalSupported check can be included in the function above as well.

[skalnik]

Ah, after looking at your example, I think I understand what you were saying now. Sorry, a lot of these JS patterns are new to me

[timvandermeij]

There are some lint errors. Tip: you can catch lint errors locally by running node make lint from a terminal. Please also keep the commits squashed for review. Thanks!

[Rob--W]

Could you optimize your code, by using objects instead of array & slice? Your current method involves a array copy operation at every glyph creation call. Here are some suggestions for optimization:

Use an object, not an array

I have created some alternatives and a benchmark, my proposed method ("usingObject") is 2-4x faster than your method (Safari 8. Chrome 43, Firefox 40,

  cmds.push({ name: 'lineTo',  args: [x, y]});  // usingObject
// instead of cmds.push(['lineTo', x, y]);      // usingSlice
// or even cmds.push(['lineTo', [x, y]]);       // usingArray

For a benchmark of the alternatives, see http://jsfiddle.net/5co62ohk/1/. My top suggestion is 3-4x faster than my proposed alternative in Chrome 43, Safari 8 and IE 11 and 1.3-1.5x faster in Firefox 40.

Special-case parameter-less arguments

The generic for loop in if (cmd === 'scale') is not needed, because scale always uses the same constant parameters. Instead of the for loop in this.compiledGlyphs[character], use the following. You could also put a comment at cmds.push({name: 'scale', args: []}); to clarify that scale is treated as a special case.

if (cmd === 'scale') {
    args = [size, -size];
}

[skalnik]

Could you optimize your code, by using objects instead of array & slice? Your current method involves a array copy operation at every glyph creation call. Here are some suggestions for optimization:

I've implemented these changes 😁

Oh wait! I lied, I didn't do the second one. Doing that now.

[skalnik]

@Rob--W Any more thoughts on this?

[Rob--W]

@skalnik Two small notes, and then it looks fine to me.

[skalnik]

All fixed up 🔧

[Rob--W]

j and alen don't seem to be used, so remove them.

And could you move var js = ''; inside if (FontLoader.isEvalSupported) {?

[Rob--W]

@skalnik I found another two minor issues. I guess that that's really it.

[skalnik]

Patched that up as well!

[Rob--W]

In terms of code, LGTM.

I'll defer the merge to @yurydelendik.

[yurydelendik]

Make function empty.

[yurydelendik]

Looks good with comments above addressed.

[skalnik]

Updated!

[timvandermeij]

The bots time out when processing test/pdfs/glyph_accent.pdf with the following console message:

TypeError: current.args is undefined

[Snuffleupagus]

Nit: please add one space between if and (.

[skalnik]

@timvandermeij That should be resolved. @Snuffleupagus tiny nits fixed up

[timvandermeij]

/botio-linux preview

[pdfjsbot]

From: Bot.io (Linux)

---

Received

Command cmd_preview from @timvandermeij received. Current queue size: 0

Live output at: http://107.21.233.14:8877/a50cdef429e0d69/output.txt

[pdfjsbot]

From: Bot.io (Linux)

---

Success

Full output at http://107.21.233.14:8877/a50cdef429e0d69/output.txt

Total script time: 0.64 mins

Published

• Viewer: http://107.21.233.14:8877/a50cdef429e0d69/web/viewer.html
• B2G Viewer: http://107.21.233.14:8877/a50cdef429e0d69/extensions/b2g/content/web/viewer.html
• Extension: http://107.21.233.14:8877/a50cdef429e0d69/extensions/firefox/pdf.js.xpi

[timvandermeij]

/botio test

[pdfjsbot]

From: Bot.io (Linux)

---

Received

Command cmd_test from @timvandermeij received. Current queue size: 0

Live output at: http://107.21.233.14:8877/f72d3db853ecabb/output.txt

[pdfjsbot]

From: Bot.io (Windows)

---

Received

Command cmd_test from @timvandermeij received. Current queue size: 0

Live output at: http://107.22.172.223:8877/539e862e2ff05cb/output.txt

[pdfjsbot]

From: Bot.io (Windows)

---

Success

Full output at http://107.22.172.223:8877/539e862e2ff05cb/output.txt

Total script time: 18.47 mins

• Font tests: Passed
• Unit tests: Passed
• Regression tests: Passed

[pdfjsbot]

From: Bot.io (Linux)

---

Success

Full output at http://107.21.233.14:8877/f72d3db853ecabb/output.txt

Total script time: 19.02 mins

• Font tests: Passed
• Unit tests: Passed
• Regression tests: Passed

[timvandermeij]

This patch looks really good and much cleaner than before to me. The tests also pass now. @yurydelendik would like to test this once more and after that this should be good to merge.

[skalnik]

@yurydelendik any updates here since you wanted to test one more time?

[yurydelendik]

Looks good. Thank you for the patch.