Commit 02dcecdb authored by GitLab Release Tools Bot's avatar GitLab Release Tools Bot

Merge branch 'security-55503-fix-pdf-js-vulnerability' into 'master'

Fix PDF.js vulnerability

See merge request gitlab/gitlabhq!2999
parents 3098259e f0285c2b
...@@ -28,7 +28,7 @@ export default { ...@@ -28,7 +28,7 @@ export default {
}, },
watch: { pdf: 'load' }, watch: { pdf: 'load' },
mounted() { mounted() {
pdfjsLib.PDFJS.workerSrc = workerSrc; pdfjsLib.GlobalWorkerOptions.workerSrc = workerSrc;
if (this.hasPDF) this.load(); if (this.hasPDF) this.load();
}, },
methods: { methods: {
......
---
title: Fix PDF.js vulnerability
merge_request:
author:
type: security
import Vue from 'vue'; import Vue from 'vue';
import { PDFJS } from 'vendor/pdf'; import { GlobalWorkerOptions } from 'vendor/pdf';
import workerSrc from 'vendor/pdf.worker.min'; import workerSrc from 'vendor/pdf.worker.min';
import PDFLab from '~/pdf/index.vue'; import PDFLab from '~/pdf/index.vue';
import pdf from '../fixtures/blob/pdf/test.pdf'; import pdf from '../fixtures/blob/pdf/test.pdf';
PDFJS.workerSrc = workerSrc; GlobalWorkerOptions.workerSrc = workerSrc;
const Component = Vue.extend(PDFLab); const Component = Vue.extend(PDFLab);
describe('PDF component', () => { describe('PDF component', () => {
......
...@@ -12,7 +12,7 @@ describe('Page component', () => { ...@@ -12,7 +12,7 @@ describe('Page component', () => {
let testPage; let testPage;
beforeEach(done => { beforeEach(done => {
pdfjsLib.PDFJS.workerSrc = workerSrc; pdfjsLib.GlobalWorkerOptions.workerSrc = workerSrc;
pdfjsLib pdfjsLib
.getDocument(testPDF) .getDocument(testPDF)
.then(pdf => pdf.getPage(1)) .then(pdf => pdf.getPage(1))
......
This source diff could not be displayed because it is too large. You can view the blob instead.
This source diff could not be displayed because it is too large. You can view the blob instead.
This source diff could not be displayed because it is too large. You can view the blob instead.
This source diff could not be displayed because it is too large. You can view the blob instead.
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment