Skip to content

Script Embedding in Uploaded PDF Files Restriction

Overview

RunMyProcess enables users to upload PDF documents as part of business process workflows. These documents may be attached by end users via forms, uploaded automatically through connectors, or stored and retrieved using RunMyProcess storage and file-handling features. However, some of these PDF files may contain embedded scripts, such as JavaScript, which pose significant security risks.

Risks of Embedded Scripts

Allowing PDFs with embedded scripts introduces vulnerabilities, as malicious actors can inject JavaScript code into documents. These risks include:

  1. Exploitation of PDF Viewer Vulnerabilities: Malicious scripts can exploit weaknesses in PDF viewers used by customers.

  2. Unwanted Actions: Embedded scripts may execute actions such as phishing pop-ups or data exfiltration when users open the file.

  3. Enterprise Workflow Compromise: Malicious scripts can undermine the security and trust of workflows running on RunMyProcess.

  4. Compliance Violations: This could result in non-compliance with information security standards, especially in regulated industries like education, healthcare, finance, and insurance.

These risks can lead to customer-facing security breaches, reputational damage, and potential legal consequences.

Mitigation Measures

To address these risks, RunMyProcess has implemented a validation and sanitization layer with the following capabilities:

  • Script Detection and Blocking

    • The system scans uploaded PDFs for embedded JavaScript or other active content.
    • If such content is detected, the upload is rejected, and the user receives a descriptive error message.

Web Interface Level

At the web interface level, when a user attempts to upload a PDF file containing embedded JavaScript code using any upload widget, the system displays an error message explaining the issue.

Process Design Level

Developers can integrate custom validation into their process design using the isScriptInPDF function. This function requires the file ID for validation and can also accept an additional parameter if the PDF file is password-protected.

Script

Note: Find the function implementation details here: js, python

  • User Notification

    • Users are provided with clear feedback explaining why their PDF was rejected.
    • Guidance is offered to help users remove active content before re-uploading the file.

  • Admin Configurability

    • Platform administrators can configure script checks at the account level.
    • This setting can be managed via the "Account restrictions" page in the platform interface.
      1. Go to the Account Configuration page.
      2. Select the Account tab.
      3. Scroll down to the Account Restrictions section.
      4. Mark the checkbox to Disallow uploads of scripted PDF files.

Script

  • Logging and Audit Trail

    • All rejected PDF uploads are logged for security auditing and analysis.
    • These logs provide a traceable record to support compliance and investigations.

Key Benefits

  1. Enhanced Security: Eliminates the risk of harmful scripts compromising the platform.

  2. Compliance Assurance: Aligns with security standards and regulatory requirements.

  3. User Transparency: Provides actionable feedback to users for better file management.

  4. Customizable Enforcement: Allows organizations to adapt script restrictions to their specific needs.

Best Practices for Users

  • Ensure that uploaded PDFs are free of embedded scripts by using sanitization tools.

  • Regularly review and adhere to organizational policies regarding allowed file formats and content.