Enterprise Toolkit | Macintosh Plist Reference

JSPrefs (JavaScript Controls)

JavaScript preferences turn script execution on and off, configure security options, and so on for the end user. For script authors, options are provided for configuring the debugger and preferred editor. This feature has several facets that interact with enhanced security and the TrustManager preferences.

Related resources:


This preference category contains the following subfeature(s):

JavaScript Execution Controls

These preferences enable granular control of JavaScript execution. Options include:

  • Disabling JS globally
  • Specifying whether global (document to document) object access is allowed
  • Specifying specific APIs and invoking mechanisms via a whitelist or blacklist

Summary table
BlackList Enables the selective blocking of vulnerable JS APIs.
DisableJavaScript Specifies whether to globally disable and lock JavaScript execution.
EnableGlobalSecurity Controls whether or not a script in one sandbox can access a script object in another sandbox.
EnableJS Toggles JavaScript execution on and off globally; when off, the PDF cannot execute JavaScript.
EnableMenuItems Toggles off and on JavaScript's ability to execute menu items.
WhiteList The whitelist of menu items that can be executed via JavaScript.
Security hardeningSupported on WindowsSupported on MacSupported by AcrobatSupported by Adobe Reader
Data type 0 (bool)
Default 1
Version # 7.x+
User Path JSPrefs
Lock Path Not lockable
Summary Toggles JavaScript execution on and off globally; when off, the PDF cannot execute JavaScript.
Details When the user's ability to create privileged locations is not disabled and locked, end users can bypass disabled JS by choosing Trust once or Trust Always via the Options button on the Yellow Message Bar. Admins can disable and lock JS execution by setting bDisableJavaScript to 0 in HKLM.
GUI mapping Preferences > JavaScript > JavaScript panel > Enable Acrobat JavaScript
Security hardeningSupported on WindowsSupported on MacSupported by AcrobatSupported by Adobe Reader
Data type 0 (bool)
Default null
Version # 9.5 and 10.1.2+
Lock Path FeatureLockDown
Summary Specifies whether to globally disable and lock JavaScript execution.
Details This lockable setting can prevent end users from bypassing JS restrictions via privileged locations. Possible values include:
  • 0 or null: Don't disable JS.
  • 1: Disable and lock JS.
GUI mapping N/A
Supported on WindowsSupported on MacSupported by AcrobatSupported by Adobe Reader
Data type 5 (text)
Default Close|GeneralInfo|Quit|FirstPage|PrevPage|NextPage|..... etc. See the actual whitelist.
Version # 8.0+
Lock Path FeatureLockDown
Summary The whitelist of menu items that can be executed via JavaScript.
Details The default value may vary across versions. Some menu items can never be invoked via JavaScript.

In Acrobat 8 Adobe introduced a list of menu-item names captured in a whitelist that can be invoked via JavaScript. If a menu-item name appears on the list, then it can be executed from a non-privileged context, like a document script. If a menu-item name does not appear on the list, then that menu item can only be executed from a privileged context. Privileged contexts include the console window, a batch sequence and a trusted function.

Menu items can be added and removed from this list for individual Acrobat installations. Changing the whitelist works very well for closed environments, a single office for example. It's not practical to change the list for more distributed groups of users. The items not on this list by default are typically suitable only for use in an automation script. They should only be considered for document scripting under special circumstances.
Note: For a complete article, see Executing Acrobat Menu Items from JavaScript
Note: When the Wizard is used to set this preference, it writes to cAdminExecMenuItems .
GUI mapping N/A
Security hardeningSupported on WindowsSupported on MacSupported by AcrobatSupported by Adobe Reader
Data type 0 (bool)
Default 0
Version # 7.x+
User Path JSPrefs
Lock Path Not lockable
Summary Toggles off and on JavaScript's ability to execute menu items.
GUI mapping Preferences > JavaScript > JavaScript Security panel > Enable menu items. . .
Security hardeningSupported on WindowsSupported on MacSupported by AcrobatSupported by Adobe Reader
Data type 0 (bool)
Default 1
Version # 7.0+
User Path JSPrefs
Lock Path Not lockable
Summary Controls whether or not a script in one sandbox can access a script object in another sandbox.
Details By default, scripts can not access objects outside the current document sandbox. With 9.x and later, such communication only works in the standalone application since both the Acrobat and Reader browser-based viewer opens each window in a discrete browser instance.
GUI mapping Preferences > JavaScript > JavaScript Security panel > Enable global object security policy
Security hardeningSupported on WindowsSupported on MacSupported by AcrobatSupported by Adobe Reader
Data type 5 (text)
Default null
Version # 9.2+
User Path See details.
Lock Path FeatureLockDown
Summary Enables the selective blocking of vulnerable JS APIs.
Details tBlacklist maintains a list of restricted Acrobat JavaScript APIs that may present a security risk in some environments. The list specifies particular JS APIs rather than blocking the entire set of Acrobat JavaScript APIs by disabling Acrobat JavaScript. If the feature is not locked down, the user can override blacklist settings via a privileged location. Note that both the locked down and non-locked down lists reside in HKLM: There is an admin list and a user list:
  • HKLM\SOFTWARE\Adobe\Adobe Acrobat\(version)\JavaScriptPerms\tBlackList
  • HKLM\SOFTWARE\WOW6432Node\Policies\Adobe\Adobe Acrobat\(version)\FeatureLockDown\cJavaScriptPerms\tBlackList
Possible values include:
  • An user specified list of blacklisted APIs in HKCU.
  • An admin specified list of blacklisted APIs in HKLM.
For additional security-related details, refer to the Application Security Guide.
GUI mapping N/A

JavaScript Debugger

Configures the JavaScript Debugger.

Summary table
ConsoleInput Toggles whether or not the console appears if script execution results in an error or message.
ConsoleOpen Enables the interactive debugger console.
EnableDebugger Enables the debugger.
Exceptions Specifies how exceptions should be handled.
SaveBreakpoints Stores breakpoints in a PDF file
Supported on WindowsSupported on MacSupported by AcrobatSupported by Adobe Reader
Data type 0 (bool)
Default 0
Version # 7.x+
User Path JSPrefs
Lock Path Not lockable
Summary Enables the debugger.
Details Requires an application restart.
GUI mapping Preferences > JavaScript > JavaScript Debugger panel > Enable JS debugger . . .
Supported on WindowsSupported on MacSupported by Acrobat
Data type 0 (bool)
Default 0
Version # 8.0+
User Path JSPrefs
Lock Path Not lockable
Summary Stores breakpoints in a PDF file
Details Details, interactions with other keys, and allowable values, etc.
GUI mapping Preferences > JavaScript > JavaScript Debugger panel > Store breakpoints in a PDF file.
Supported on WindowsSupported on MacSupported by Acrobat
Data type 1 (int)
Default 0
Version # 7.x+
User Path JSPrefs
Lock Path Not lockable
Summary Specifies how exceptions should be handled.
Details Allowable values include:
  • 0: Ignore
  • 1: Trace
  • 2: Break
GUI mapping Preferences > JavaScript > JavaScript Debugger panel > When exception is thrown radio buttons
Supported on WindowsSupported on MacSupported by Acrobat
Data type 0 (bool)
Default 0
Version # 7.x+
User Path JSPrefs
Lock Path Not lockable
Summary Enables the interactive debugger console.
GUI mapping Preferences > JavaScript > JavaScript Debugger panel > Show console on errors and messages
Supported on WindowsSupported on MacSupported by Acrobat
Data type 0 (bool)
Default 0
Version # 7.x+
User Path JSPrefs
Lock Path Not lockable
Summary Toggles whether or not the console appears if script execution results in an error or message.
GUI mapping Preferences > JavaScript > JavaScript Debugger panel > Enable interactive console

JavaScript Editor

Specifies which editor to use and configures its font and font size.

Summary table
ChooseDialog Specifies wither or not to use the Acrobat editor or an external editor.
EditorFontName Specifies the font for the script editor.
EditorFontSize Specified the font size for the script editor.
EditorPath Provides a path to an external editor.
Supported on WindowsSupported on MacSupported by Acrobat
Data type 0 (bool)
Default 0
Version # 7.x+
User Path JSPrefs
Lock Path Not lockable
Summary Specifies wither or not to use the Acrobat editor or an external editor.
Details When true, the "Choose an external editor" field becomes enabled.
GUI mapping Preferences > JavaScript > JavaScript Editor panel > Use Acrobat/external radio buttons
Supported on WindowsSupported on MacSupported by Acrobat
Data type 5 (text)
Default null
Version # 7.x+
User Path JSPrefs
Lock Path Not lockable
Summary Provides a path to an external editor.
Details The field becomes active when bChooseDialog is set to 1.
GUI mapping Preferences > JavaScript > JavaScript Editor panel > Use external editor text field
Supported on WindowsSupported on MacSupported by Acrobat
Data type 5 (text)
Default Courier New
Version # 7.x+
User Path JSPrefs
Lock Path Not lockable
Summary Specifies the font for the script editor.
GUI mapping Preferences > JavaScript > JavaScript Editor panel > Font
Supported on WindowsSupported on MacSupported by Acrobat
Data type 5 (text)
Default null
Version # 7.x+
User Path JSPrefs
Lock Path Not lockable
Summary Specified the font size for the script editor.
GUI mapping Preferences > JavaScript > JavaScript Editor panel >Size drop down list.