PDF Editor for Chrome:Edit, Fill, Sign, Print
Version 0.5.5 View in Chrome Web Store
Extension Details
Context-Aware Verdict
The extension has a substantial user base of 200,000 downloads, which indicates some level of adoption. However, the extremely low rating of 2.3 out of 5 stars from 801 reviews is a major red flag, suggesting widespread user dissatisfaction. The developer is associated with pdffiller.com, which is a legitimate PDF service company, providing some credibility to the extension's purpose.
The extension requests excessive permissions that far exceed what's necessary for basic PDF editing functionality. The combination of webRequest, webNavigation, tabs, and broad host permissions (*://*/*) creates a surveillance toolkit that can monitor and intercept all web traffic. Content scripts running on all protocols (http, https, ftp, file) indicate the extension can access virtually any content you view. The webRequest permission is particularly concerning as it allows modification of network requests, potentially enabling man-in-the-middle attacks or data theft.
Given the critical risk level, avoid installing this extension entirely. The poor user ratings combined with excessive permissions suggest potential malicious behavior or poor security practices. If PDF editing is essential, consider using reputable alternatives with minimal permissions or web-based PDF editors that don't require browser extensions. If you must use this extension, run it in a completely isolated Chrome profile with no access to sensitive accounts or data.
Findings
Security Analysis Details
Required Permissions:
- storage
- tabs
- activeTab
- webRequest
- webNavigation
- storage
- scripting
Host Permissions:
- *://*/*
Content Security Policy:
- extension_pages: script-src 'self'; object-src 'self'
Embedded URLs (41 total):
| http://www.apache.org/licenses/LICENSE-2.0 | http://www.w3.org/2000/svg | |
| http://www.w3.org/1999/xlink | http://www.bohemiancoding.com/sketch | |
| http://mozilla.org/MPL/2.0/. | https://bugzilla.mozilla.org/show_bug.cgi?id=706209 | |
| https://github.com/adobe-type-tools/cmap-resources | http://example.com | |
| https://robwu.nl/pdfjs/issue6174/. | https://github.com/mozilla/pdf.js/issues/11137 | |
| http://crbug.com/273589 | http://...pdf | |
| https://www.pdffiller.com | https://www.pdffiller.com/flash/data/up.php | |
| http://mozilla-apps.pdffiller.com/api/pdf_converter | http://stackoverflow.com/questions/3561493/is-there-a-regexp-escape-function-in-javascript | |
| https://stackoverflow.com/q/181348 | https://en.wikipedia.org/wiki/ISO_week_date#Calculating_a_date_given_the_year.2C_week_number_and_weekday | |
| http://momentjs.com/guides/#/warnings/define-locale/ | https://tools.ietf.org/html/rfc2822#section-3.3 | |
| http://momentjs.com/guides/#/warnings/js-date/ | https://github.com/moment/moment/issues/1423 | |
| http://momentjs.com/guides/#/warnings/min-max/ | https://github.com/moment/moment/issues/2978 | |
| https://github.com/moment/moment/pull/1871 | http://docs.closure-library.googlecode.com/git/closure_goog_date_date.js.source.html | |
| http://momentjs.com/guides/#/warnings/add-inverted-param/ | https://nodejs.org/dist/latest/docs/api/util.html#util_custom_inspect_function_on_objects | |
| http://momentjs.com/guides/#/warnings/zone/ | http://momentjs.com/guides/#/warnings/dst-shifted/ | |
| https://github.com/moment/moment/issues/2166 | https://github.com/dordille/moment-isoduration/blob/master/moment.isoduration.js | |
| https://clients2.google.com/service/update2/crx | https://github.com/mozilla/pdf.js/pull/7635. | |
| http://example.com/file.pdf | http://crbug.com/179767 | |
| http://crbug.com/104058 | https://www.chromestatus.com/feature/5709390967472128 | |
| https://crbug.com/326768 | https://github.com/Rob--W/pdfjs-telemetry | |
| https://pdfjs.robwu.nl/logpdfjs |
Raw Manifest
{ "name": "PDF Editor for Chrome:Edit, Fill, Sign, Print", "icons": { "16": "img/logo16.png", "48": "img/logo48.png", "128": "img/logo128.png" }, "action": { "default_icon": { "16": "img/logo16.png", "48": "img/logo48.png", "128": "img/logo128.png" } }, "author": "pdfFiller (support@pdffiller.com)", "storage": { "managed_schema": "preferences_schema.json" }, "version": "0.5.5", "incognito": "split", "background": { "service_worker": "service-worker.js" }, "options_ui": { "page": "options/options.html" }, "update_url": "https://clients2.google.com/service/update2/crx", "description": "Edit, e-sign, print or fax PDFs directly from search engine results and webpages with the pdfFiller extension.", "permissions": [ "storage", "tabs", "activeTab", "webRequest", "webNavigation", "storage", "scripting" ], "options_page": "options/options.html", "content_scripts": [ { "js": [ "contentscript.js", "libs/jquery.min.js", "libs/base64.js", "libs/moment.js", "js/config.js", "js/browser.js", "js/inject.js", "js/background.js" ], "css": [ "contentstyle.css", "css/style.css" ], "run_at": "document_start", "matches": [ "http://*/*", "https://*/*", "ftp://*/*", "file://*/*" ], "all_frames": true } ], "host_permissions": [ "*://*/*" ], "manifest_version": 3, "file_browser_handlers": [ { "id": "open-as-pdf", "file_filters": [ "filesystem:*.pdf" ], "default_title": "Open with PDF Viewer" } ], "content_security_policy": { "extension_pages": "script-src 'self'; object-src 'self'" }, "web_accessible_resources": [ { "matches": [ "<all_urls>" ], "resources": [ "content/web/viewer.html", "http:/*", "https:/*", "ftp:/*", "file:/*", "chrome-extension:/*", "blob:*", "data:*", "filesystem:/*", "drive:*", "img/*" ] } ] }
ⓘ CRXaminer has partnered with our friends at Secure Annex to provide additional findings unique to their platform.
Secure Annex also analyzes extensions from other browsers, IDEs, and can continuously monitor.
This extension may not yet be analyzed by Secure Annex.